@flamingo-stack/openframe-frontend-core 0.0.295 → 0.0.296-snapshot.20260621021605

package/dist/chunk-YD43AKI5.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../src/components/embeds/embed-iframe.tsx","../src/components/embeds/pdf-viewer.tsx","../src/components/embeds/google-sheets-viewer.tsx","../src/components/embeds/figma-embed.tsx","../src/components/embeds/og-link-preview.tsx"],"sourcesContent":["\"use client\"\n\nimport React, { useState, useCallback, useRef, useEffect } from 'react'\n\n/** Loading skeleton for iframe embeds — matches project skeleton pattern */\nfunction EmbedLoadingSkeleton({ height }: { height?: string }) {\n  return (\n    <div\n      className=\"w-full rounded-lg border border-ods-border overflow-hidden bg-ods-skeleton animate-pulse\"\n      style={{ height: height || 'calc(100vh - 250px)' }}\n    >\n      <div className=\"flex flex-col items-center justify-center h-full gap-4\">\n        <div className=\"w-12 h-12 rounded-lg bg-ods-card\" />\n        <div className=\"h-4 w-48 rounded bg-ods-card\" />\n        <div className=\"h-3 w-32 rounded bg-ods-card\" />\n      </div>\n    </div>\n  )\n}\n\nexport interface EmbedIframeProps {\n  /** The URL to embed */\n  src: string\n  /** Accessible title for the iframe */\n  title: string\n  /** Additional class names for the outer container */\n  className?: string\n  /** Container height (CSS value). Defaults to `calc(100vh - 250px)` */\n  height?: string\n  /** iframe `allow` attribute */\n  allow?: string\n  /** iframe `referrerPolicy` attribute */\n  referrerPolicy?: React.IframeHTMLAttributes<HTMLIFrameElement>['referrerPolicy']\n  /** iframe `loading` attribute */\n  loading?: 'eager' | 'lazy'\n  /** iframe `allowFullScreen` attribute */\n  allowFullScreen?: boolean\n}\n\n/**\n * Base iframe wrapper with loading skeleton and proper memory cleanup.\n *\n * Prevents memory leaks by:\n * - Using `key={src}` to force full unmount/remount when src changes\n * - Setting iframe src to about:blank on unmount to release the embedded document\n * - Resetting loaded state when src changes\n */\nexport function EmbedIframe({\n  src,\n  title,\n  className,\n  height,\n  allow,\n  referrerPolicy,\n  loading,\n  allowFullScreen,\n}: EmbedIframeProps) {\n  const [isLoaded, setIsLoaded] = useState(false)\n  const iframeRef = useRef<HTMLIFrameElement>(null)\n  const handleLoad = useCallback(() => setIsLoaded(true), [])\n\n  useEffect(() => {\n    setIsLoaded(false)\n  }, [src])\n\n  useEffect(() => {\n    const iframe = iframeRef.current\n    return () => {\n      if (iframe) {\n        try {\n          iframe.src = 'about:blank'\n        } catch {\n          // Cross-origin iframes may throw — safe to ignore\n        }\n      }\n    }\n  }, [src])\n\n  const resolvedHeight = height || 'calc(100vh - 250px)'\n\n  return (\n    <>\n      {!isLoaded && <EmbedLoadingSkeleton height={resolvedHeight} />}\n      <div\n        className={`w-full rounded-lg border border-ods-border overflow-hidden ${!isLoaded ? 'h-0 overflow-hidden' : ''} ${className || ''}`}\n        style={isLoaded ? { height: resolvedHeight } : undefined}\n      >\n        <iframe\n          key={src}\n          ref={iframeRef}\n          src={src}\n          className=\"w-full h-full border-0\"\n          title={title}\n          onLoad={handleLoad}\n          allow={allow}\n          referrerPolicy={referrerPolicy}\n          loading={loading}\n          allowFullScreen={allow?.includes('fullscreen') ? undefined : allowFullScreen}\n        />\n      </div>\n    </>\n  )\n}\n","\"use client\"\n\nimport React from 'react'\nimport { Button } from '../ui'\nimport { Download, Eye } from 'lucide-react'\nimport { AdobePdfIcon } from '../icons-v2-generated'\nimport { EmbedIframe } from './embed-iframe'\n\nexport interface PdfViewerProps {\n  src: string\n  fileName?: string\n  onPreview?: () => void\n  onDownload?: () => void\n  height?: string\n}\n\nexport function PdfViewer({ src, fileName, onPreview, onDownload, height }: PdfViewerProps) {\n  const displayName = fileName || 'PDF Document'\n\n  if (!src) {\n    return (\n      <div className=\"flex flex-col items-center justify-center py-16 text-center\">\n        <AdobePdfIcon className=\"w-16 h-16 text-ods-text-secondary mb-4\" />\n        <p className=\"text-ods-text-secondary\">PDF file not available</p>\n      </div>\n    )\n  }\n\n  return (\n    <div className=\"space-y-4\">\n      <div className=\"flex flex-col gap-3 sm:flex-row sm:items-center sm:justify-between\">\n        <div className=\"flex items-center gap-2 min-w-0\">\n          <AdobePdfIcon className=\"w-5 h-5 shrink-0\" />\n          <h2 className=\"text-xl font-semibold text-ods-text-primary truncate\">{displayName}</h2>\n        </div>\n        <div className=\"flex items-center gap-2 w-full sm:w-auto\">\n          <Button\n            variant=\"outline\"\n            size=\"small-legacy\"\n            href={onPreview ? undefined : src}\n            openInNewTab={!onPreview}\n            onClick={onPreview}\n            leftIcon={<Eye className=\"w-4 h-4\" />}\n            className=\"flex-1 sm:flex-initial\"\n          >\n            Preview\n          </Button>\n          <Button\n            variant=\"outline\"\n            size=\"small-legacy\"\n            href={onDownload ? undefined : src}\n            openInNewTab={!onDownload}\n            onClick={onDownload}\n            leftIcon={<Download className=\"w-4 h-4\" />}\n            className=\"flex-1 sm:flex-initial\"\n          >\n            Download\n          </Button>\n        </div>\n      </div>\n      <EmbedIframe src={src} title={displayName} height={height} />\n    </div>\n  )\n}\n","\"use client\"\n\nimport React from 'react'\nimport { Button } from '../ui'\nimport { ExternalLink } from 'lucide-react'\nimport { GoogleSheetsIcon } from '../icons-v2-generated'\nimport { EmbedIframe } from './embed-iframe'\nimport { toGoogleSheetsEmbedUrl, toGoogleSheetsOriginalUrl } from '../../utils/embed-url-converters'\n\nexport interface GoogleSheetsViewerProps {\n  externalUrl: string\n  fileName?: string\n  height?: string\n}\n\nexport function GoogleSheetsViewer({ externalUrl, fileName, height }: GoogleSheetsViewerProps) {\n  const displayName = fileName || 'Google Sheet'\n\n  if (!externalUrl) {\n    return (\n      <div className=\"flex flex-col items-center justify-center py-16 text-center\">\n        <GoogleSheetsIcon className=\"w-16 h-16 text-ods-text-secondary mb-4\" />\n        <p className=\"text-ods-text-secondary\">Google Sheet URL not configured</p>\n      </div>\n    )\n  }\n\n  return (\n    <div className=\"space-y-4\">\n      <div className=\"flex flex-col gap-3 sm:flex-row sm:items-center sm:justify-between\">\n        <div className=\"flex items-center gap-2 min-w-0\">\n          <GoogleSheetsIcon className=\"w-5 h-5 shrink-0\" />\n          <h2 className=\"text-xl font-semibold text-ods-text-primary truncate\">{displayName}</h2>\n        </div>\n        <Button\n          variant=\"outline\"\n          size=\"small-legacy\"\n          href={toGoogleSheetsOriginalUrl(externalUrl)}\n          openInNewTab\n          leftIcon={<GoogleSheetsIcon className=\"w-4 h-4\" />}\n          rightIcon={<ExternalLink className=\"w-4 h-4\" />}\n          className=\"w-full sm:w-auto\"\n        >\n          Open in Google Sheets\n        </Button>\n      </div>\n      <EmbedIframe\n        src={toGoogleSheetsEmbedUrl(externalUrl)}\n        title={displayName}\n        height={height}\n      />\n    </div>\n  )\n}\n","'use client'\n\nimport { useState } from 'react'\nimport { Button, ToggleGroup, ToggleGroupItem } from '../ui'\nimport { FigmaIcon } from '../icons-v2-generated'\nimport { ExternalLink, Play, LayoutGrid } from 'lucide-react'\nimport { toFigmaEmbedUrl, toFigmaOriginalUrl, isFigmaSlidesUrl } from '../../utils/embed-url-converters'\nimport { EmbedIframe } from './embed-iframe'\n\nexport interface FigmaEmbedProps {\n  /** Any Figma URL (design/file/proto/board/slides/deck) or an already-resolved embed URL. */\n  url: string\n  /** Heading shown above the embed. Defaults to \"Figma Design\". */\n  title?: string\n  /**\n   * iframe height (CSS value). The data-room document viewer omits it (full\n   * height, `calc(100vh - 250px)`); inline markdown passes e.g. `\"70vh\"` so the\n   * embed sits naturally inside article content.\n   */\n  height?: string\n  /** iframe loading strategy. Defaults to `\"lazy\"`; the data-room viewer passes `\"eager\"`. */\n  loading?: 'eager' | 'lazy'\n}\n\ntype SlidesView = 'present' | 'browse'\n\n/**\n * Two-state present/browse toggle for Figma Slides. `present` (default) uses\n * Figma's deck viewer (full-bleed slide + `‹ n/N ›` nav bar + keyboard nav);\n * `browse` uses the thumbnail-rail + zoom viewer.\n */\nfunction SlidesViewToggle({\n  view,\n  onChange,\n}: {\n  view: SlidesView\n  onChange: (v: SlidesView) => void\n}) {\n  const options: { key: SlidesView; label: string; Icon: typeof Play }[] = [\n    { key: 'present', label: 'Present', Icon: Play },\n    { key: 'browse', label: 'Browse', Icon: LayoutGrid },\n  ]\n  return (\n    <ToggleGroup\n      type=\"single\"\n      value={view}\n      onValueChange={(v: string) => {\n        if (v && v !== view) onChange(v as SlidesView)\n      }}\n      aria-label=\"Figma slides view mode\"\n      className=\"flex shrink-0 items-center gap-0.5 rounded-lg border border-ods-border bg-ods-card p-0.5\"\n    >\n      {options.map(({ key, label, Icon }) => {\n        const active = view === key\n        return (\n          <ToggleGroupItem\n            key={key}\n            value={key}\n            aria-label={label}\n            className={`flex items-center gap-1.5 rounded-md px-2.5 py-1 text-sm font-medium transition-colors ${\n              active\n                ? 'bg-ods-accent text-ods-text-on-accent'\n                : 'text-ods-text-secondary hover:text-ods-text-primary hover:bg-ods-bg-hover'\n            }`}\n          >\n            <Icon className=\"h-4 w-4 shrink-0\" />\n            {label}\n          </ToggleGroupItem>\n        )\n      })}\n    </ToggleGroup>\n  )\n}\n\n/**\n * Single source of truth for every Figma surface — the data-room document viewer\n * and in-article markdown both render this. A header (icon + title + \"Open in\n * Figma\") over an interactive Figma iframe, built from the canonical\n * `toFigmaEmbedUrl` / `toFigmaOriginalUrl` converters + the shared `<EmbedIframe>`.\n * Only height/loading differ per surface.\n *\n * For Slides decks, a present/browse toggle (default = present) lets viewers flip\n * slides with Figma's native nav bar + keyboard, or switch to the thumbnail-rail\n * browse view.\n */\nexport function FigmaEmbed({ url, title, height, loading = 'lazy' }: FigmaEmbedProps) {\n  const [view, setView] = useState<SlidesView>('present')\n  const isSlides = url ? isFigmaSlidesUrl(url) : false\n  const embedSrc = url ? toFigmaEmbedUrl(url, { slidesView: view }) : null\n  const originalUrl = (() => {\n    if (!url) return null\n    try {\n      const parsed = new URL(toFigmaOriginalUrl(url))\n      const host = parsed.hostname.toLowerCase()\n      const okHost = host === 'figma.com' || host.endsWith('.figma.com')\n      const okProtocol = parsed.protocol === 'https:' || parsed.protocol === 'http:'\n      return okHost && okProtocol ? parsed.toString() : null\n    } catch {\n      return null\n    }\n  })()\n  const heading = title || 'Figma Design'\n\n  return (\n    <div className=\"my-6 space-y-3\">\n      <div className=\"flex flex-col gap-3 sm:flex-row sm:items-center sm:justify-between\">\n        <div className=\"flex items-center gap-2 min-w-0\">\n          <FigmaIcon className=\"w-5 h-5 shrink-0\" />\n          <span className=\"font-sans text-base font-semibold text-ods-text-primary truncate\">\n            {heading}\n          </span>\n        </div>\n        <div className=\"flex flex-col gap-2 sm:flex-row sm:items-center\">\n          {isSlides && embedSrc && <SlidesViewToggle view={view} onChange={setView} />}\n          {originalUrl && (\n            <Button\n              variant=\"outline\"\n              size=\"small-legacy\"\n              href={originalUrl}\n              openInNewTab\n              leftIcon={<FigmaIcon className=\"w-4 h-4\" />}\n              rightIcon={<ExternalLink className=\"w-4 h-4\" />}\n              className=\"w-full sm:w-auto\"\n            >\n              Open in Figma\n            </Button>\n          )}\n        </div>\n      </div>\n      {embedSrc ? (\n        <EmbedIframe\n          src={embedSrc}\n          title={heading}\n          allow=\"clipboard-write; clipboard-read; fullscreen\"\n          loading={loading}\n          height={height}\n          allowFullScreen\n        />\n      ) : (\n        <div className=\"flex flex-col items-center justify-center py-16 text-center\">\n          <FigmaIcon className=\"w-16 h-16 text-ods-text-secondary mb-4\" />\n          <p className=\"text-ods-text-secondary\">Figma URL not configured</p>\n        </div>\n      )}\n    </div>\n  )\n}\n","\"use client\"\n\nimport React, { useState, useEffect, Component, ReactNode } from 'react'\nimport Image from '../../embed-shims/next-image'\nimport { useImageEdgeColor } from '../../hooks'\n\n/**\n * Open-Graph metadata returned by the consumer's scrape endpoint.\n *\n * The shape MUST match the JSON the OG endpoint serves at `ogEndpointPath`.\n * The hub's `/api/blog/og-scraper` returns exactly these fields — embedders\n * with a different endpoint must return the same shape (or adapt at the\n * route boundary). Keeps the consumer surface trivial: one URL → one card.\n */\nexport interface OGData {\n  title: string\n  description: string\n  image: string\n  originalImage?: string\n  url: string\n  siteName: string\n  type: string\n  favicon: string\n}\n\ninterface ErrorBoundaryProps {\n  children: ReactNode\n  fallback: ReactNode\n}\n\ninterface ErrorBoundaryState {\n  hasError: boolean\n}\n\n/**\n * Tiny error boundary tailored for OG link previews — caught errors quietly\n * fall back to the `fallback` prop (typically a plain hyperlink) so a single\n * broken third-party preview can't crash a whole article view.\n *\n * Named `OGLinkErrorBoundary` (not the generic `ErrorBoundary`) because the\n * lib already exports a separate `ErrorBoundary` from\n * `components/features/error-boundary.tsx`. The top-level `components/index.ts`\n * barrel re-exports both `./embeds` and `./features` via `export *`, so a\n * second `ErrorBoundary` here collides as TS2308.\n */\nexport class OGLinkErrorBoundary extends Component<ErrorBoundaryProps, ErrorBoundaryState> {\n  constructor(props: ErrorBoundaryProps) {\n    super(props)\n    this.state = { hasError: false }\n  }\n\n  static getDerivedStateFromError(): ErrorBoundaryState {\n    return { hasError: true }\n  }\n\n  componentDidCatch(error: Error, errorInfo: React.ErrorInfo) {\n    console.warn('Link preview error caught by boundary:', error, errorInfo)\n  }\n\n  render() {\n    if (this.state.hasError) return this.props.fallback\n    return this.props.children\n  }\n}\n\n/**\n * Builds a placeholder image URL when the scrape returns no image. Hub passes\n * its own `buildOgPlaceholderUrl` (which resolves CSS-var ODS colors against\n * the platform's brand palette + hits `/api/og-placeholder`); other embedders\n * can omit the prop to disable the placeholder entirely.\n *\n * Receives the post-scrape `title` and `siteName` so the placeholder can echo\n * the actual card content, not a generic graphic.\n */\nexport type BuildPlaceholderUrl = (\n  title: string,\n  siteName: string,\n) => string | null\n\nexport interface OGLinkPreviewProps {\n  /** The external URL to preview. */\n  url: string\n  /** Origin / base URL the OG endpoint is served from. Empty / undefined\n   *  means same-origin (hub-direct use). Embed contexts pass the hub's\n   *  origin here (e.g. `'https://hub.example.com'`) so the fetch hits\n   *  the hub instead of the embedder origin.\n   *\n   *  Pattern matches lib's `useNatsDialogSubscription({apiBaseUrl})` +\n   *  `buildSuggestionUrl({apiBaseUrl})` so all embed-ready surfaces share\n   *  one configuration knob. */\n  apiBaseUrl?: string\n  /** Path of the OG endpoint on the configured base. Default\n   *  `'/api/blog/og-scraper'` matches the hub's route. Override if the\n   *  embedder serves the same `OGData` shape from a different path. */\n  ogEndpointPath?: string\n  /** Optional placeholder-builder. Omit to disable the placeholder image\n   *  (the card then degrades to a favicon+title chip when no scraped image\n   *  is available). The hub injects its `buildOgPlaceholderUrl` here. */\n  buildPlaceholderUrl?: BuildPlaceholderUrl\n  /** Override the scraped title (used by publication cards that already know\n   *  the title locally — e.g. a CMS-managed press link). */\n  fallbackTitle?: string\n  /** Override the scraped description. */\n  fallbackDescription?: string\n  /** Override the scraped image — useful when the scrape returns no image but\n   *  the embedder has a CMS-stored hero image to fall back to. */\n  fallbackImage?: string\n  /** Publication / source name shown alongside the favicon (e.g. \"TechCrunch\"). */\n  publicationName?: string\n  /** Publication logo URL shown alongside the title (defaults to favicon). */\n  publicationLogo?: string\n  /** Card variant. `compact` = horizontal layout (~120px tall) suited for\n   *  in-doc placements; `default` = larger vertical layout for press / hero\n   *  positions. */\n  variant?: 'default' | 'compact'\n  /** Disable the synthesized placeholder image even when `buildPlaceholderUrl`\n   *  is provided — used by the markdown renderer to keep doc cards lighter. */\n  enablePlaceholder?: boolean\n}\n\nfunction getDomain(urlStr: string): string {\n  try { return new URL(urlStr).hostname.replace('www.', '') }\n  catch { return 'External Link' }\n}\n\nfunction domainToTitle(domain: string): string {\n  return domain.split('.')[0].replace(/-/g, ' ').replace(/\\b\\w/g, c => c.toUpperCase())\n}\n\nconst ExternalLinkIcon = ({ size = 16 }: { size?: number }) => (\n  <svg width={size} height={size} fill=\"none\" stroke=\"currentColor\" viewBox=\"0 0 24 24\" className=\"text-ods-text-secondary group-hover:text-ods-accent transition-colors flex-shrink-0\">\n    <path strokeLinecap=\"round\" strokeLinejoin=\"round\" strokeWidth={2} d=\"M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14\" />\n  </svg>\n)\n\nconst Favicon = ({ src, size = 'w-6 h-6' }: { src: string; size?: string }) => (\n  <img src={src} alt=\"\" className={size} onError={(e) => { (e.target as HTMLImageElement).style.display = 'none' }} />\n)\n\n/**\n * Rich Open-Graph link preview card with skeleton, fallback, and image-edge\n * background detection.\n *\n * Flow:\n *  1. Validate URL early (no network for malformed input, localhost, or\n *     RFC1918 ranges — those render as plain `<a>` tags).\n *  2. `GET ogEndpointPath?url=<encoded>` — embedder serves the shape declared\n *     in `OGData`.\n *  3. Resolve image: scraped og:image → `originalImage` fallback → `fallbackImage`\n *     prop → `buildPlaceholderUrl(title, siteName)`. Each step has its own\n *     error toggle so a 404 / CORS-tainted image gracefully degrades.\n *  4. Extract a letterbox background color from the resolved image via\n *     `useImageEdgeColor`. Same-origin proxy is REQUIRED for cross-origin\n *     images so the `<canvas>` extraction doesn't taint.\n *  5. Render compact (h-[120px] horizontal) or default (vertical w/ aspect-video\n *     hero) variant, with image-less degraded variants for each.\n */\nexport const OGLinkPreview: React.FC<OGLinkPreviewProps> = ({\n  url,\n  apiBaseUrl,\n  ogEndpointPath = '/api/blog/og-scraper',\n  buildPlaceholderUrl,\n  fallbackTitle,\n  fallbackDescription,\n  fallbackImage,\n  publicationName,\n  publicationLogo,\n  variant = 'default',\n  enablePlaceholder = true,\n}) => {\n  const [ogData, setOgData] = useState<OGData | null>(null)\n  const [loading, setLoading] = useState(true)\n  const [error, setError] = useState(false)\n  const [imageError, setImageError] = useState(false)\n  const [originalImageError, setOriginalImageError] = useState(false)\n  const [fallbackImageError, setFallbackImageError] = useState(false)\n\n  let isValidUrl = true\n  let isLocalhost = false\n  try {\n    if (url && typeof url === 'string') {\n      const urlObj = new URL(url)\n      if (['localhost', '127.0.0.1', '0.0.0.0'].includes(urlObj.hostname) ||\n          urlObj.hostname.startsWith('192.168.') || urlObj.hostname.startsWith('10.') || urlObj.hostname.startsWith('172.')) {\n        isLocalhost = true\n      }\n    } else {\n      isValidUrl = false\n    }\n  } catch {\n    isValidUrl = false\n  }\n\n  useEffect(() => {\n    if (!isValidUrl || isLocalhost) return\n\n    const fetchOGData = async () => {\n      try {\n        new URL(url)\n        setLoading(true)\n        // Compose `${base}${path}?url=…`. Empty base → relative path\n        // (same-origin); absolute base → cross-origin embed against the hub.\n        // Plain string concat is safer than `new URL(path, base)` because\n        // the latter resolves `path` against the BASE's pathname when\n        // `path` is relative, producing surprising URLs when the embedder\n        // serves the lib from a subpath.\n        const endpoint = `${apiBaseUrl ?? ''}${ogEndpointPath}?url=${encodeURIComponent(url)}`\n        const response = await fetch(endpoint)\n        if (response.ok) {\n          const data = await response.json()\n          if (data?.title && data.title !== 'Link Preview Unavailable') {\n            setOgData(data)\n          } else {\n            setError(true)\n          }\n        } else {\n          setError(true)\n        }\n      } catch {\n        setError(true)\n      } finally {\n        setLoading(false)\n      }\n    }\n\n    fetchOGData()\n  }, [url, isValidUrl, isLocalhost, apiBaseUrl, ogEndpointPath])\n\n  const isCompact = variant === 'compact'\n  const domain = getDomain(url)\n\n  const effectiveData: OGData | null = ogData ?? (error ? {\n    title: fallbackTitle || domainToTitle(domain),\n    description: fallbackDescription || domain,\n    image: '',\n    url,\n    siteName: publicationName || domain,\n    type: 'website',\n    favicon: `https://www.google.com/s2/favicons?domain=${domain}&sz=32`,\n  } : null)\n\n  // Hub-injected placeholder builder — fires only when the post-scrape image\n  // chain is empty AND `enablePlaceholder` is true. `null` when unprovided.\n  const placeholderImageUrl =\n    enablePlaceholder && buildPlaceholderUrl && effectiveData?.title\n      ? buildPlaceholderUrl(effectiveData.title, effectiveData.siteName || domain)\n      : null\n\n  const resolvedImageUrl = (effectiveData?.image && !imageError)\n    ? effectiveData.image\n    : (effectiveData?.originalImage && !originalImageError)\n      ? effectiveData.originalImage\n      : (fallbackImage && !fallbackImageError)\n        ? fallbackImage\n        : placeholderImageUrl\n\n  const hasImage = !!resolvedImageUrl\n  const isFallbackImage = resolvedImageUrl === fallbackImage\n  const isPlaceholder = resolvedImageUrl === placeholderImageUrl && !isFallbackImage\n  const bgColor = useImageEdgeColor(resolvedImageUrl ?? null, 'var(--ods-bg-secondary)')\n\n  const renderSkeleton = () => isCompact ? (\n    <div className=\"my-4\">\n      <div className=\"flex flex-row border border-ods-border rounded-lg overflow-hidden bg-ods-card h-[120px]\">\n        <div className=\"w-[200px] h-full flex-shrink-0 bg-ods-skeleton animate-pulse\" />\n        <div className=\"flex-1 p-3 flex flex-col justify-center\">\n          <div className=\"bg-ods-skeleton rounded animate-pulse h-4 w-3/4 mb-2\" />\n          <div className=\"bg-ods-skeleton rounded animate-pulse h-3 w-full mb-1\" />\n          <div className=\"bg-ods-skeleton rounded animate-pulse h-3 w-2/3 mb-2\" />\n          <div className=\"bg-ods-skeleton rounded animate-pulse h-3 w-1/3\" />\n        </div>\n      </div>\n    </div>\n  ) : (\n    <div className=\"my-6\">\n      <div className=\"block border border-ods-border rounded-lg overflow-hidden bg-ods-card\">\n        <div className=\"aspect-video w-full bg-ods-skeleton overflow-hidden relative animate-pulse\" />\n        <div className=\"p-4\">\n          <div className=\"flex items-start gap-3\">\n            <div className=\"w-6 h-6 bg-ods-skeleton rounded flex-shrink-0 mt-0.5 animate-pulse\" />\n            <div className=\"flex-1 min-w-0\">\n              <div className=\"h-[2.5rem] leading-[1.25rem] mb-2 overflow-hidden\">\n                <div className=\"bg-ods-skeleton rounded animate-pulse\" style={{ height: '1.25rem', marginBottom: '0.25rem' }} />\n                <div className=\"bg-ods-skeleton rounded animate-pulse w-3/4\" style={{ height: '1.25rem' }} />\n              </div>\n              <div className=\"h-[2.5rem] leading-[1.25rem] mb-2 overflow-hidden\">\n                <div className=\"bg-ods-skeleton rounded animate-pulse\" style={{ height: '1.25rem', marginBottom: '0.25rem' }} />\n                <div className=\"bg-ods-skeleton rounded animate-pulse w-5/6\" style={{ height: '1.25rem' }} />\n              </div>\n              <div className=\"flex items-center gap-2\">\n                <div className=\"bg-ods-skeleton rounded animate-pulse\" style={{ height: '0.75rem', width: '6rem' }} />\n                <div className=\"bg-ods-skeleton rounded animate-pulse\" style={{ height: '0.75rem', width: '5rem' }} />\n              </div>\n            </div>\n          </div>\n        </div>\n      </div>\n    </div>\n  )\n\n  if (!url || typeof url !== 'string' || !isValidUrl) return renderSkeleton()\n\n  if (isLocalhost) {\n    return (\n      <div className=\"my-6\">\n        <a href={url} target=\"_blank\" rel=\"noopener noreferrer\"\n          className=\"inline-flex items-center gap-2 text-ods-accent hover:text-ods-accent-hover transition-colors\">\n          <span className=\"underline\">{url}</span>\n          <ExternalLinkIcon size={14} />\n        </a>\n      </div>\n    )\n  }\n\n  if (loading) return renderSkeleton()\n  if (!effectiveData) return renderSkeleton()\n\n  const title = fallbackTitle || effectiveData.title\n  // Empty string when the scrape returned nothing — descriptions render\n  // conditionally below. Avoids the legacy `'No description available'` filler\n  // that signaled \"broken card\" to users.\n  const description = fallbackDescription || effectiveData.description || ''\n  const ogDomain = getDomain(effectiveData.url)\n  const faviconSrc = effectiveData.favicon || `https://www.google.com/s2/favicons?domain=${ogDomain}&sz=32`\n  const logoSrc = publicationLogo || faviconSrc\n\n  const handleImageError = () => {\n    if (effectiveData.image && !imageError) setImageError(true)\n    else if (effectiveData.originalImage && !originalImageError) setOriginalImageError(true)\n    else setFallbackImageError(true)\n  }\n\n  const renderImage = () => {\n    if (!resolvedImageUrl) return null\n    if (isPlaceholder) {\n      return (\n        <img src={resolvedImageUrl} alt={title}\n          className=\"absolute inset-0 w-full h-full object-cover rounded-md\" />\n      )\n    }\n    if (isFallbackImage) {\n      return (\n        <Image src={resolvedImageUrl} alt={title} fill\n          className=\"object-contain rounded-md group-hover:scale-105 transition-transform duration-300\"\n          onError={handleImageError}\n          unoptimized={resolvedImageUrl.includes('/render/image/')} />\n      )\n    }\n    return (\n      <img src={resolvedImageUrl} alt={title}\n        className=\"absolute inset-0 w-full h-full object-contain rounded-md group-hover:scale-105 transition-transform duration-300\"\n        onError={handleImageError} />\n    )\n  }\n\n  if (isCompact) {\n    if (!hasImage) {\n      return (\n        <div className=\"my-4\">\n          <a href={effectiveData.url} target=\"_blank\" rel=\"noopener noreferrer\"\n            className=\"flex flex-row items-center gap-3 border border-ods-border rounded-lg overflow-hidden bg-ods-card hover:border-ods-accent transition-all duration-200 group px-4 py-3\">\n            <div className=\"w-8 h-8 bg-ods-bg-secondary rounded-lg flex items-center justify-center flex-shrink-0\">\n              <Favicon src={faviconSrc} size=\"w-5 h-5\" />\n            </div>\n            <div className=\"flex-1 min-w-0\">\n              <h3 className=\"font-sans text-sm font-semibold text-ods-text-primary group-hover:text-ods-accent transition-colors truncate\">{title}</h3>\n              {description && (\n                <p className=\"font-sans text-xs text-ods-text-secondary truncate\">{description}</p>\n              )}\n            </div>\n            <ExternalLinkIcon size={14} />\n          </a>\n        </div>\n      )\n    }\n    return (\n      <div className=\"my-4\">\n        <a href={effectiveData.url} target=\"_blank\" rel=\"noopener noreferrer\"\n          className=\"flex flex-row border border-ods-border rounded-lg overflow-hidden bg-ods-card hover:border-ods-accent transition-colors group h-[120px]\">\n          <div className=\"w-[200px] h-full flex-shrink-0 overflow-hidden relative flex items-center justify-center rounded-lg transition-colors duration-300\" style={{ backgroundColor: bgColor }}>\n            {renderImage()}\n          </div>\n          <div className=\"flex-1 p-3 flex flex-col justify-center min-w-0\">\n            <h3 className=\"font-sans text-sm font-semibold text-ods-text-primary overflow-hidden group-hover:text-ods-accent transition-colors\"\n              style={{ display: '-webkit-box', WebkitLineClamp: 1, WebkitBoxOrient: 'vertical' }}>{title}</h3>\n            {description && (\n              <p className=\"font-sans text-xs text-ods-text-secondary overflow-hidden mt-1\"\n                style={{ display: '-webkit-box', WebkitLineClamp: 2, WebkitBoxOrient: 'vertical' }}>{description}</p>\n            )}\n            <div className=\"text-xs text-ods-text-secondary mt-1 truncate\">{effectiveData.siteName || ogDomain}</div>\n          </div>\n        </a>\n      </div>\n    )\n  }\n\n  if (!hasImage) {\n    return (\n      <div className=\"my-6\">\n        <a href={effectiveData.url} target=\"_blank\" rel=\"noopener noreferrer\"\n          className=\"flex items-center gap-3 border border-ods-border rounded-lg overflow-hidden bg-ods-card hover:border-ods-accent transition-all duration-200 group px-4 py-3\">\n          <div className=\"w-10 h-10 bg-ods-bg-secondary rounded-lg flex items-center justify-center flex-shrink-0\">\n            <Favicon src={faviconSrc} />\n          </div>\n          <div className=\"flex-1 min-w-0\">\n            <h3 className=\"font-sans font-semibold text-ods-text-primary text-base group-hover:text-ods-accent transition-colors truncate\">{title}</h3>\n            {description && (\n              <p className=\"font-sans text-sm text-ods-text-secondary truncate\">{description}</p>\n            )}\n          </div>\n          <ExternalLinkIcon />\n        </a>\n      </div>\n    )\n  }\n\n  return (\n    <div className=\"my-6\">\n      <a href={effectiveData.url} target=\"_blank\" rel=\"noopener noreferrer\"\n        className=\"block border border-ods-border rounded-lg overflow-hidden bg-ods-card hover:border-ods-accent transition-colors group\">\n        <div className=\"aspect-video w-full overflow-hidden relative flex items-center justify-center rounded-lg transition-colors duration-300\" style={{ backgroundColor: bgColor }}>\n          {renderImage()}\n        </div>\n        <div className=\"p-4\">\n          <div className=\"flex items-start gap-3\">\n            <img src={logoSrc} alt={publicationName || ''} className=\"w-6 h-6 rounded object-contain flex-shrink-0 mt-0.5\"\n              onError={(e) => { (e.target as HTMLImageElement).style.display = 'none' }} />\n            <div className=\"flex-1 min-w-0\">\n              <h3 className=\"font-sans font-semibold text-ods-text-primary text-base overflow-hidden group-hover:text-ods-accent transition-colors h-[2.5rem] leading-[1.25rem] mb-2\"\n                style={{ display: '-webkit-box', WebkitLineClamp: 2, WebkitBoxOrient: 'vertical' }}>{title}</h3>\n              {description && (\n                <p className=\"font-sans text-sm text-ods-text-secondary overflow-hidden h-[2.5rem] leading-[1.25rem] mb-2\"\n                  style={{ display: '-webkit-box', WebkitLineClamp: 2, WebkitBoxOrient: 'vertical' }}>{description}</p>\n              )}\n              <div className=\"flex items-center gap-2 text-xs text-ods-text-secondary\">\n                <span className=\"font-medium\">{effectiveData.siteName}</span>\n                <span>•</span>\n                <span className=\"truncate\">{ogDomain}</span>\n              </div>\n            </div>\n          </div>\n        </div>\n      </a>\n    </div>\n  )\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,SAAgB,UAAU,aAAa,QAAQ,iBAAiB;AAS1D,SAsEF,UArEI,KADF;AANN,SAAS,qBAAqB,EAAE,OAAO,GAAwB;AAC7D,SACE;AAAA,IAAC;AAAA;AAAA,MACC,WAAU;AAAA,MACV,OAAO,EAAE,QAAQ,UAAU,sBAAsB;AAAA,MAEjD,+BAAC,SAAI,WAAU,0DACb;AAAA,4BAAC,SAAI,WAAU,oCAAmC;AAAA,QAClD,oBAAC,SAAI,WAAU,gCAA+B;AAAA,QAC9C,oBAAC,SAAI,WAAU,gCAA+B;AAAA,SAChD;AAAA;AAAA,EACF;AAEJ;AA6BO,SAAS,YAAY;AAAA,EAC1B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAAqB;AACnB,QAAM,CAAC,UAAU,WAAW,IAAI,SAAS,KAAK;AAC9C,QAAM,YAAY,OAA0B,IAAI;AAChD,QAAM,aAAa,YAAY,MAAM,YAAY,IAAI,GAAG,CAAC,CAAC;AAE1D,YAAU,MAAM;AACd,gBAAY,KAAK;AAAA,EACnB,GAAG,CAAC,GAAG,CAAC;AAER,YAAU,MAAM;AACd,UAAM,SAAS,UAAU;AACzB,WAAO,MAAM;AACX,UAAI,QAAQ;AACV,YAAI;AACF,iBAAO,MAAM;AAAA,QACf,QAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAAA,EACF,GAAG,CAAC,GAAG,CAAC;AAER,QAAM,iBAAiB,UAAU;AAEjC,SACE,iCACG;AAAA,KAAC,YAAY,oBAAC,wBAAqB,QAAQ,gBAAgB;AAAA,IAC5D;AAAA,MAAC;AAAA;AAAA,QACC,WAAW,8DAA8D,CAAC,WAAW,wBAAwB,EAAE,IAAI,aAAa,EAAE;AAAA,QAClI,OAAO,WAAW,EAAE,QAAQ,eAAe,IAAI;AAAA,QAE/C;AAAA,UAAC;AAAA;AAAA,YAEC,KAAK;AAAA,YACL;AAAA,YACA,WAAU;AAAA,YACV;AAAA,YACA,QAAQ;AAAA,YACR;AAAA,YACA;AAAA,YACA;AAAA,YACA,iBAAiB,OAAO,SAAS,YAAY,IAAI,SAAY;AAAA;AAAA,UATxD;AAAA,QAUP;AAAA;AAAA,IACF;AAAA,KACF;AAEJ;;;AClGA,SAAS,UAAU,WAAW;AAiBxB,SACE,OAAAA,MADF,QAAAC,aAAA;AALC,SAAS,UAAU,EAAE,KAAK,UAAU,WAAW,YAAY,OAAO,GAAmB;AAC1F,QAAM,cAAc,YAAY;AAEhC,MAAI,CAAC,KAAK;AACR,WACE,gBAAAA,MAAC,SAAI,WAAU,+DACb;AAAA,sBAAAD,KAAC,gBAAa,WAAU,0CAAyC;AAAA,MACjE,gBAAAA,KAAC,OAAE,WAAU,2BAA0B,oCAAsB;AAAA,OAC/D;AAAA,EAEJ;AAEA,SACE,gBAAAC,MAAC,SAAI,WAAU,aACb;AAAA,oBAAAA,MAAC,SAAI,WAAU,sEACb;AAAA,sBAAAA,MAAC,SAAI,WAAU,mCACb;AAAA,wBAAAD,KAAC,gBAAa,WAAU,oBAAmB;AAAA,QAC3C,gBAAAA,KAAC,QAAG,WAAU,wDAAwD,uBAAY;AAAA,SACpF;AAAA,MACA,gBAAAC,MAAC,SAAI,WAAU,4CACb;AAAA,wBAAAD;AAAA,UAAC;AAAA;AAAA,YACC,SAAQ;AAAA,YACR,MAAK;AAAA,YACL,MAAM,YAAY,SAAY;AAAA,YAC9B,cAAc,CAAC;AAAA,YACf,SAAS;AAAA,YACT,UAAU,gBAAAA,KAAC,OAAI,WAAU,WAAU;AAAA,YACnC,WAAU;AAAA,YACX;AAAA;AAAA,QAED;AAAA,QACA,gBAAAA;AAAA,UAAC;AAAA;AAAA,YACC,SAAQ;AAAA,YACR,MAAK;AAAA,YACL,MAAM,aAAa,SAAY;AAAA,YAC/B,cAAc,CAAC;AAAA,YACf,SAAS;AAAA,YACT,UAAU,gBAAAA,KAAC,YAAS,WAAU,WAAU;AAAA,YACxC,WAAU;AAAA,YACX;AAAA;AAAA,QAED;AAAA,SACF;AAAA,OACF;AAAA,IACA,gBAAAA,KAAC,eAAY,KAAU,OAAO,aAAa,QAAgB;AAAA,KAC7D;AAEJ;;;AC3DA,SAAS,oBAAoB;AAgBvB,SACE,OAAAE,MADF,QAAAC,aAAA;AALC,SAAS,mBAAmB,EAAE,aAAa,UAAU,OAAO,GAA4B;AAC7F,QAAM,cAAc,YAAY;AAEhC,MAAI,CAAC,aAAa;AAChB,WACE,gBAAAA,MAAC,SAAI,WAAU,+DACb;AAAA,sBAAAD,KAAC,oBAAiB,WAAU,0CAAyC;AAAA,MACrE,gBAAAA,KAAC,OAAE,WAAU,2BAA0B,6CAA+B;AAAA,OACxE;AAAA,EAEJ;AAEA,SACE,gBAAAC,MAAC,SAAI,WAAU,aACb;AAAA,oBAAAA,MAAC,SAAI,WAAU,sEACb;AAAA,sBAAAA,MAAC,SAAI,WAAU,mCACb;AAAA,wBAAAD,KAAC,oBAAiB,WAAU,oBAAmB;AAAA,QAC/C,gBAAAA,KAAC,QAAG,WAAU,wDAAwD,uBAAY;AAAA,SACpF;AAAA,MACA,gBAAAA;AAAA,QAAC;AAAA;AAAA,UACC,SAAQ;AAAA,UACR,MAAK;AAAA,UACL,MAAM,0BAA0B,WAAW;AAAA,UAC3C,cAAY;AAAA,UACZ,UAAU,gBAAAA,KAAC,oBAAiB,WAAU,WAAU;AAAA,UAChD,WAAW,gBAAAA,KAAC,gBAAa,WAAU,WAAU;AAAA,UAC7C,WAAU;AAAA,UACX;AAAA;AAAA,MAED;AAAA,OACF;AAAA,IACA,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,KAAK,uBAAuB,WAAW;AAAA,QACvC,OAAO;AAAA,QACP;AAAA;AAAA,IACF;AAAA,KACF;AAEJ;;;ACnDA,SAAS,YAAAE,iBAAgB;AAGzB,SAAS,gBAAAC,eAAc,MAAM,kBAAkB;AAkDrC,SAUE,OAAAC,MAVF,QAAAC,aAAA;AAxBV,SAAS,iBAAiB;AAAA,EACxB;AAAA,EACA;AACF,GAGG;AACD,QAAM,UAAmE;AAAA,IACvE,EAAE,KAAK,WAAW,OAAO,WAAW,MAAM,KAAK;AAAA,IAC/C,EAAE,KAAK,UAAU,OAAO,UAAU,MAAM,WAAW;AAAA,EACrD;AACA,SACE,gBAAAD;AAAA,IAAC;AAAA;AAAA,MACC,MAAK;AAAA,MACL,OAAO;AAAA,MACP,eAAe,CAAC,MAAc;AAC5B,YAAI,KAAK,MAAM,KAAM,UAAS,CAAe;AAAA,MAC/C;AAAA,MACA,cAAW;AAAA,MACX,WAAU;AAAA,MAET,kBAAQ,IAAI,CAAC,EAAE,KAAK,OAAO,KAAK,MAAM;AACrC,cAAM,SAAS,SAAS;AACxB,eACE,gBAAAC;AAAA,UAAC;AAAA;AAAA,YAEC,OAAO;AAAA,YACP,cAAY;AAAA,YACZ,WAAW,0FACT,SACI,0CACA,2EACN;AAAA,YAEA;AAAA,8BAAAD,KAAC,QAAK,WAAU,oBAAmB;AAAA,cAClC;AAAA;AAAA;AAAA,UAVI;AAAA,QAWP;AAAA,MAEJ,CAAC;AAAA;AAAA,EACH;AAEJ;AAaO,SAAS,WAAW,EAAE,KAAK,OAAO,QAAQ,UAAU,OAAO,GAAoB;AACpF,QAAM,CAAC,MAAM,OAAO,IAAIE,UAAqB,SAAS;AACtD,QAAM,WAAW,MAAM,iBAAiB,GAAG,IAAI;AAC/C,QAAM,WAAW,MAAM,gBAAgB,KAAK,EAAE,YAAY,KAAK,CAAC,IAAI;AACpE,QAAM,eAAe,MAAM;AACzB,QAAI,CAAC,IAAK,QAAO;AACjB,QAAI;AACF,YAAM,SAAS,IAAI,IAAI,mBAAmB,GAAG,CAAC;AAC9C,YAAM,OAAO,OAAO,SAAS,YAAY;AACzC,YAAM,SAAS,SAAS,eAAe,KAAK,SAAS,YAAY;AACjE,YAAM,aAAa,OAAO,aAAa,YAAY,OAAO,aAAa;AACvE,aAAO,UAAU,aAAa,OAAO,SAAS,IAAI;AAAA,IACpD,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF,GAAG;AACH,QAAM,UAAU,SAAS;AAEzB,SACE,gBAAAD,MAAC,SAAI,WAAU,kBACb;AAAA,oBAAAA,MAAC,SAAI,WAAU,sEACb;AAAA,sBAAAA,MAAC,SAAI,WAAU,mCACb;AAAA,wBAAAD,KAAC,aAAU,WAAU,oBAAmB;AAAA,QACxC,gBAAAA,KAAC,UAAK,WAAU,oEACb,mBACH;AAAA,SACF;AAAA,MACA,gBAAAC,MAAC,SAAI,WAAU,mDACZ;AAAA,oBAAY,YAAY,gBAAAD,KAAC,oBAAiB,MAAY,UAAU,SAAS;AAAA,QACzE,eACC,gBAAAA;AAAA,UAAC;AAAA;AAAA,YACC,SAAQ;AAAA,YACR,MAAK;AAAA,YACL,MAAM;AAAA,YACN,cAAY;AAAA,YACZ,UAAU,gBAAAA,KAAC,aAAU,WAAU,WAAU;AAAA,YACzC,WAAW,gBAAAA,KAACG,eAAA,EAAa,WAAU,WAAU;AAAA,YAC7C,WAAU;AAAA,YACX;AAAA;AAAA,QAED;AAAA,SAEJ;AAAA,OACF;AAAA,IACC,WACC,gBAAAH;AAAA,MAAC;AAAA;AAAA,QACC,KAAK;AAAA,QACL,OAAO;AAAA,QACP,OAAM;AAAA,QACN;AAAA,QACA;AAAA,QACA,iBAAe;AAAA;AAAA,IACjB,IAEA,gBAAAC,MAAC,SAAI,WAAU,+DACb;AAAA,sBAAAD,KAAC,aAAU,WAAU,0CAAyC;AAAA,MAC9D,gBAAAA,KAAC,OAAE,WAAU,2BAA0B,sCAAwB;AAAA,OACjE;AAAA,KAEJ;AAEJ;;;AChJA,SAAgB,YAAAI,WAAU,aAAAC,YAAW,iBAA4B;AAiI7D,gBAAAC,MAsII,QAAAC,aAtIJ;AAtFG,IAAM,sBAAN,cAAkC,UAAkD;AAAA,EACzF,YAAY,OAA2B;AACrC,UAAM,KAAK;AACX,SAAK,QAAQ,EAAE,UAAU,MAAM;AAAA,EACjC;AAAA,EAEA,OAAO,2BAA+C;AACpD,WAAO,EAAE,UAAU,KAAK;AAAA,EAC1B;AAAA,EAEA,kBAAkB,OAAc,WAA4B;AAC1D,YAAQ,KAAK,0CAA0C,OAAO,SAAS;AAAA,EACzE;AAAA,EAEA,SAAS;AACP,QAAI,KAAK,MAAM,SAAU,QAAO,KAAK,MAAM;AAC3C,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAyDA,SAAS,UAAU,QAAwB;AACzC,MAAI;AAAE,WAAO,IAAI,IAAI,MAAM,EAAE,SAAS,QAAQ,QAAQ,EAAE;AAAA,EAAE,QACpD;AAAE,WAAO;AAAA,EAAgB;AACjC;AAEA,SAAS,cAAc,QAAwB;AAC7C,SAAO,OAAO,MAAM,GAAG,EAAE,CAAC,EAAE,QAAQ,MAAM,GAAG,EAAE,QAAQ,SAAS,OAAK,EAAE,YAAY,CAAC;AACtF;AAEA,IAAM,mBAAmB,CAAC,EAAE,OAAO,GAAG,MACpC,gBAAAD,KAAC,SAAI,OAAO,MAAM,QAAQ,MAAM,MAAK,QAAO,QAAO,gBAAe,SAAQ,aAAY,WAAU,uFAC9F,0BAAAA,KAAC,UAAK,eAAc,SAAQ,gBAAe,SAAQ,aAAa,GAAG,GAAE,gFAA+E,GACtJ;AAGF,IAAM,UAAU,CAAC,EAAE,KAAK,OAAO,UAAU,MACvC,gBAAAA,KAAC,SAAI,KAAU,KAAI,IAAG,WAAW,MAAM,SAAS,CAAC,MAAM;AAAE,EAAC,EAAE,OAA4B,MAAM,UAAU;AAAO,GAAG;AAqB7G,IAAM,gBAA8C,CAAC;AAAA,EAC1D;AAAA,EACA;AAAA,EACA,iBAAiB;AAAA,EACjB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,UAAU;AAAA,EACV,oBAAoB;AACtB,MAAM;AACJ,QAAM,CAAC,QAAQ,SAAS,IAAIE,UAAwB,IAAI;AACxD,QAAM,CAAC,SAAS,UAAU,IAAIA,UAAS,IAAI;AAC3C,QAAM,CAAC,OAAO,QAAQ,IAAIA,UAAS,KAAK;AACxC,QAAM,CAAC,YAAY,aAAa,IAAIA,UAAS,KAAK;AAClD,QAAM,CAAC,oBAAoB,qBAAqB,IAAIA,UAAS,KAAK;AAClE,QAAM,CAAC,oBAAoB,qBAAqB,IAAIA,UAAS,KAAK;AAElE,MAAI,aAAa;AACjB,MAAI,cAAc;AAClB,MAAI;AACF,QAAI,OAAO,OAAO,QAAQ,UAAU;AAClC,YAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,UAAI,CAAC,aAAa,aAAa,SAAS,EAAE,SAAS,OAAO,QAAQ,KAC9D,OAAO,SAAS,WAAW,UAAU,KAAK,OAAO,SAAS,WAAW,KAAK,KAAK,OAAO,SAAS,WAAW,MAAM,GAAG;AACrH,sBAAc;AAAA,MAChB;AAAA,IACF,OAAO;AACL,mBAAa;AAAA,IACf;AAAA,EACF,QAAQ;AACN,iBAAa;AAAA,EACf;AAEA,EAAAC,WAAU,MAAM;AACd,QAAI,CAAC,cAAc,YAAa;AAEhC,UAAM,cAAc,YAAY;AAC9B,UAAI;AACF,YAAI,IAAI,GAAG;AACX,mBAAW,IAAI;AAOf,cAAM,WAAW,GAAG,cAAc,EAAE,GAAG,cAAc,QAAQ,mBAAmB,GAAG,CAAC;AACpF,cAAM,WAAW,MAAM,MAAM,QAAQ;AACrC,YAAI,SAAS,IAAI;AACf,gBAAM,OAAO,MAAM,SAAS,KAAK;AACjC,cAAI,MAAM,SAAS,KAAK,UAAU,4BAA4B;AAC5D,sBAAU,IAAI;AAAA,UAChB,OAAO;AACL,qBAAS,IAAI;AAAA,UACf;AAAA,QACF,OAAO;AACL,mBAAS,IAAI;AAAA,QACf;AAAA,MACF,QAAQ;AACN,iBAAS,IAAI;AAAA,MACf,UAAE;AACA,mBAAW,KAAK;AAAA,MAClB;AAAA,IACF;AAEA,gBAAY;AAAA,EACd,GAAG,CAAC,KAAK,YAAY,aAAa,YAAY,cAAc,CAAC;AAE7D,QAAM,YAAY,YAAY;AAC9B,QAAM,SAAS,UAAU,GAAG;AAE5B,QAAM,gBAA+B,WAAW,QAAQ;AAAA,IACtD,OAAO,iBAAiB,cAAc,MAAM;AAAA,IAC5C,aAAa,uBAAuB;AAAA,IACpC,OAAO;AAAA,IACP;AAAA,IACA,UAAU,mBAAmB;AAAA,IAC7B,MAAM;AAAA,IACN,SAAS,6CAA6C,MAAM;AAAA,EAC9D,IAAI;AAIJ,QAAM,sBACJ,qBAAqB,uBAAuB,eAAe,QACvD,oBAAoB,cAAc,OAAO,cAAc,YAAY,MAAM,IACzE;AAEN,QAAM,mBAAoB,eAAe,SAAS,CAAC,aAC/C,cAAc,QACb,eAAe,iBAAiB,CAAC,qBAChC,cAAc,gBACb,iBAAiB,CAAC,qBACjB,gBACA;AAER,QAAM,WAAW,CAAC,CAAC;AACnB,QAAM,kBAAkB,qBAAqB;AAC7C,QAAM,gBAAgB,qBAAqB,uBAAuB,CAAC;AACnE,QAAM,UAAU,kBAAkB,oBAAoB,MAAM,yBAAyB;AAErF,QAAM,iBAAiB,MAAM,YAC3B,gBAAAH,KAAC,SAAI,WAAU,QACb,0BAAAC,MAAC,SAAI,WAAU,2FACb;AAAA,oBAAAD,KAAC,SAAI,WAAU,gEAA+D;AAAA,IAC9E,gBAAAC,MAAC,SAAI,WAAU,2CACb;AAAA,sBAAAD,KAAC,SAAI,WAAU,wDAAuD;AAAA,MACtE,gBAAAA,KAAC,SAAI,WAAU,yDAAwD;AAAA,MACvE,gBAAAA,KAAC,SAAI,WAAU,wDAAuD;AAAA,MACtE,gBAAAA,KAAC,SAAI,WAAU,mDAAkD;AAAA,OACnE;AAAA,KACF,GACF,IAEA,gBAAAA,KAAC,SAAI,WAAU,QACb,0BAAAC,MAAC,SAAI,WAAU,yEACb;AAAA,oBAAAD,KAAC,SAAI,WAAU,8EAA6E;AAAA,IAC5F,gBAAAA,KAAC,SAAI,WAAU,OACb,0BAAAC,MAAC,SAAI,WAAU,0BACb;AAAA,sBAAAD,KAAC,SAAI,WAAU,sEAAqE;AAAA,MACpF,gBAAAC,MAAC,SAAI,WAAU,kBACb;AAAA,wBAAAA,MAAC,SAAI,WAAU,qDACb;AAAA,0BAAAD,KAAC,SAAI,WAAU,yCAAwC,OAAO,EAAE,QAAQ,WAAW,cAAc,UAAU,GAAG;AAAA,UAC9G,gBAAAA,KAAC,SAAI,WAAU,+CAA8C,OAAO,EAAE,QAAQ,UAAU,GAAG;AAAA,WAC7F;AAAA,QACA,gBAAAC,MAAC,SAAI,WAAU,qDACb;AAAA,0BAAAD,KAAC,SAAI,WAAU,yCAAwC,OAAO,EAAE,QAAQ,WAAW,cAAc,UAAU,GAAG;AAAA,UAC9G,gBAAAA,KAAC,SAAI,WAAU,+CAA8C,OAAO,EAAE,QAAQ,UAAU,GAAG;AAAA,WAC7F;AAAA,QACA,gBAAAC,MAAC,SAAI,WAAU,2BACb;AAAA,0BAAAD,KAAC,SAAI,WAAU,yCAAwC,OAAO,EAAE,QAAQ,WAAW,OAAO,OAAO,GAAG;AAAA,UACpG,gBAAAA,KAAC,SAAI,WAAU,yCAAwC,OAAO,EAAE,QAAQ,WAAW,OAAO,OAAO,GAAG;AAAA,WACtG;AAAA,SACF;AAAA,OACF,GACF;AAAA,KACF,GACF;AAGF,MAAI,CAAC,OAAO,OAAO,QAAQ,YAAY,CAAC,WAAY,QAAO,eAAe;AAE1E,MAAI,aAAa;AACf,WACE,gBAAAA,KAAC,SAAI,WAAU,QACb,0BAAAC;AAAA,MAAC;AAAA;AAAA,QAAE,MAAM;AAAA,QAAK,QAAO;AAAA,QAAS,KAAI;AAAA,QAChC,WAAU;AAAA,QACV;AAAA,0BAAAD,KAAC,UAAK,WAAU,aAAa,eAAI;AAAA,UACjC,gBAAAA,KAAC,oBAAiB,MAAM,IAAI;AAAA;AAAA;AAAA,IAC9B,GACF;AAAA,EAEJ;AAEA,MAAI,QAAS,QAAO,eAAe;AACnC,MAAI,CAAC,cAAe,QAAO,eAAe;AAE1C,QAAM,QAAQ,iBAAiB,cAAc;AAI7C,QAAM,cAAc,uBAAuB,cAAc,eAAe;AACxE,QAAM,WAAW,UAAU,cAAc,GAAG;AAC5C,QAAM,aAAa,cAAc,WAAW,6CAA6C,QAAQ;AACjG,QAAM,UAAU,mBAAmB;AAEnC,QAAM,mBAAmB,MAAM;AAC7B,QAAI,cAAc,SAAS,CAAC,WAAY,eAAc,IAAI;AAAA,aACjD,cAAc,iBAAiB,CAAC,mBAAoB,uBAAsB,IAAI;AAAA,QAClF,uBAAsB,IAAI;AAAA,EACjC;AAEA,QAAM,cAAc,MAAM;AACxB,QAAI,CAAC,iBAAkB,QAAO;AAC9B,QAAI,eAAe;AACjB,aACE,gBAAAA;AAAA,QAAC;AAAA;AAAA,UAAI,KAAK;AAAA,UAAkB,KAAK;AAAA,UAC/B,WAAU;AAAA;AAAA,MAAyD;AAAA,IAEzE;AACA,QAAI,iBAAiB;AACnB,aACE,gBAAAA;AAAA,QAAC;AAAA;AAAA,UAAM,KAAK;AAAA,UAAkB,KAAK;AAAA,UAAO,MAAI;AAAA,UAC5C,WAAU;AAAA,UACV,SAAS;AAAA,UACT,aAAa,iBAAiB,SAAS,gBAAgB;AAAA;AAAA,MAAG;AAAA,IAEhE;AACA,WACE,gBAAAA;AAAA,MAAC;AAAA;AAAA,QAAI,KAAK;AAAA,QAAkB,KAAK;AAAA,QAC/B,WAAU;AAAA,QACV,SAAS;AAAA;AAAA,IAAkB;AAAA,EAEjC;AAEA,MAAI,WAAW;AACb,QAAI,CAAC,UAAU;AACb,aACE,gBAAAA,KAAC,SAAI,WAAU,QACb,0BAAAC;AAAA,QAAC;AAAA;AAAA,UAAE,MAAM,cAAc;AAAA,UAAK,QAAO;AAAA,UAAS,KAAI;AAAA,UAC9C,WAAU;AAAA,UACV;AAAA,4BAAAD,KAAC,SAAI,WAAU,yFACb,0BAAAA,KAAC,WAAQ,KAAK,YAAY,MAAK,WAAU,GAC3C;AAAA,YACA,gBAAAC,MAAC,SAAI,WAAU,kBACb;AAAA,8BAAAD,KAAC,QAAG,WAAU,gHAAgH,iBAAM;AAAA,cACnI,eACC,gBAAAA,KAAC,OAAE,WAAU,sDAAsD,uBAAY;AAAA,eAEnF;AAAA,YACA,gBAAAA,KAAC,oBAAiB,MAAM,IAAI;AAAA;AAAA;AAAA,MAC9B,GACF;AAAA,IAEJ;AACA,WACE,gBAAAA,KAAC,SAAI,WAAU,QACb,0BAAAC;AAAA,MAAC;AAAA;AAAA,QAAE,MAAM,cAAc;AAAA,QAAK,QAAO;AAAA,QAAS,KAAI;AAAA,QAC9C,WAAU;AAAA,QACV;AAAA,0BAAAD,KAAC,SAAI,WAAU,sIAAqI,OAAO,EAAE,iBAAiB,QAAQ,GACnL,sBAAY,GACf;AAAA,UACA,gBAAAC,MAAC,SAAI,WAAU,mDACb;AAAA,4BAAAD;AAAA,cAAC;AAAA;AAAA,gBAAG,WAAU;AAAA,gBACZ,OAAO,EAAE,SAAS,eAAe,iBAAiB,GAAG,iBAAiB,WAAW;AAAA,gBAAI;AAAA;AAAA,YAAM;AAAA,YAC5F,eACC,gBAAAA;AAAA,cAAC;AAAA;AAAA,gBAAE,WAAU;AAAA,gBACX,OAAO,EAAE,SAAS,eAAe,iBAAiB,GAAG,iBAAiB,WAAW;AAAA,gBAAI;AAAA;AAAA,YAAY;AAAA,YAErG,gBAAAA,KAAC,SAAI,WAAU,iDAAiD,wBAAc,YAAY,UAAS;AAAA,aACrG;AAAA;AAAA;AAAA,IACF,GACF;AAAA,EAEJ;AAEA,MAAI,CAAC,UAAU;AACb,WACE,gBAAAA,KAAC,SAAI,WAAU,QACb,0BAAAC;AAAA,MAAC;AAAA;AAAA,QAAE,MAAM,cAAc;AAAA,QAAK,QAAO;AAAA,QAAS,KAAI;AAAA,QAC9C,WAAU;AAAA,QACV;AAAA,0BAAAD,KAAC,SAAI,WAAU,2FACb,0BAAAA,KAAC,WAAQ,KAAK,YAAY,GAC5B;AAAA,UACA,gBAAAC,MAAC,SAAI,WAAU,kBACb;AAAA,4BAAAD,KAAC,QAAG,WAAU,kHAAkH,iBAAM;AAAA,YACrI,eACC,gBAAAA,KAAC,OAAE,WAAU,sDAAsD,uBAAY;AAAA,aAEnF;AAAA,UACA,gBAAAA,KAAC,oBAAiB;AAAA;AAAA;AAAA,IACpB,GACF;AAAA,EAEJ;AAEA,SACE,gBAAAA,KAAC,SAAI,WAAU,QACb,0BAAAC;AAAA,IAAC;AAAA;AAAA,MAAE,MAAM,cAAc;AAAA,MAAK,QAAO;AAAA,MAAS,KAAI;AAAA,MAC9C,WAAU;AAAA,MACV;AAAA,wBAAAD,KAAC,SAAI,WAAU,2HAA0H,OAAO,EAAE,iBAAiB,QAAQ,GACxK,sBAAY,GACf;AAAA,QACA,gBAAAA,KAAC,SAAI,WAAU,OACb,0BAAAC,MAAC,SAAI,WAAU,0BACb;AAAA,0BAAAD;AAAA,YAAC;AAAA;AAAA,cAAI,KAAK;AAAA,cAAS,KAAK,mBAAmB;AAAA,cAAI,WAAU;AAAA,cACvD,SAAS,CAAC,MAAM;AAAE,gBAAC,EAAE,OAA4B,MAAM,UAAU;AAAA,cAAO;AAAA;AAAA,UAAG;AAAA,UAC7E,gBAAAC,MAAC,SAAI,WAAU,kBACb;AAAA,4BAAAD;AAAA,cAAC;AAAA;AAAA,gBAAG,WAAU;AAAA,gBACZ,OAAO,EAAE,SAAS,eAAe,iBAAiB,GAAG,iBAAiB,WAAW;AAAA,gBAAI;AAAA;AAAA,YAAM;AAAA,YAC5F,eACC,gBAAAA;AAAA,cAAC;AAAA;AAAA,gBAAE,WAAU;AAAA,gBACX,OAAO,EAAE,SAAS,eAAe,iBAAiB,GAAG,iBAAiB,WAAW;AAAA,gBAAI;AAAA;AAAA,YAAY;AAAA,YAErG,gBAAAC,MAAC,SAAI,WAAU,2DACb;AAAA,8BAAAD,KAAC,UAAK,WAAU,eAAe,wBAAc,UAAS;AAAA,cACtD,gBAAAA,KAAC,UAAK,oBAAC;AAAA,cACP,gBAAAA,KAAC,UAAK,WAAU,YAAY,oBAAS;AAAA,eACvC;AAAA,aACF;AAAA,WACF,GACF;AAAA;AAAA;AAAA,EACF,GACF;AAEJ;","names":["jsx","jsxs","jsx","jsxs","useState","ExternalLink","jsx","jsxs","useState","ExternalLink","useState","useEffect","jsx","jsxs","useState","useEffect"]}

package/dist/chunk-YETA25JW.cjs

@@ -1,354 +0,0 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }"use client";
-
-// src/hooks/ui/use-auto-limit-tags.ts
-var _react = require('react');
-function useAutoLimitTags({
-  count,
-  limitTags = "auto",
-  placeholder = "",
-  reserveInputWidth = true
-}) {
-  const middleRef = _react.useRef.call(void 0, null);
-  const measureRef = _react.useRef.call(void 0, null);
-  const textMeasureRef = _react.useRef.call(void 0, null);
-  const badgeRef = _react.useRef.call(void 0, null);
-  const inputRef = _react.useRef.call(void 0, null);
-  const [visibleCount, setVisibleCount] = _react.useState.call(void 0, count);
-  const recalculate = _react.useCallback.call(void 0, () => {
-    if (limitTags !== "auto") {
-      setVisibleCount(Math.min(limitTags, count));
-      return;
-    }
-    const middle = middleRef.current;
-    const measure = measureRef.current;
-    if (!middle || !measure) {
-      setVisibleCount(count);
-      return;
-    }
-    if (count === 0) {
-      setVisibleCount(0);
-      return;
-    }
-    const cs = getComputedStyle(middle);
-    const padL = parseFloat(cs.paddingLeft) || 0;
-    const padR = parseFloat(cs.paddingRight) || 0;
-    const gap = parseFloat(cs.gap) || 0;
-    const middleW = middle.clientWidth;
-    let inputReservedW = 0;
-    let trailingGap = 0;
-    if (reserveInputWidth) {
-      const textW = _nullishCoalesce(_optionalChain([textMeasureRef, 'access', _ => _.current, 'optionalAccess', _2 => _2.offsetWidth]), () => ( 60));
-      const inputMinW = inputRef.current ? parseFloat(getComputedStyle(inputRef.current).minWidth) || 60 : 60;
-      inputReservedW = Math.max(textW + 8, inputMinW);
-      trailingGap = gap;
-    }
-    const available = middleW - padL - padR - inputReservedW - trailingGap;
-    const tagEls = Array.from(measure.children);
-    const widths = tagEls.map((el) => el.offsetWidth);
-    let total = 0;
-    for (let i = 0; i < widths.length; i++) {
-      total += widths[i] + (i > 0 ? gap : 0);
-    }
-    if (total <= available) {
-      setVisibleCount(count);
-      return;
-    }
-    const badgeW = _nullishCoalesce(_optionalChain([badgeRef, 'access', _3 => _3.current, 'optionalAccess', _4 => _4.offsetWidth]), () => ( 40));
-    const spaceWithBadge = available - badgeW - gap;
-    let used = 0;
-    let fitCount = 0;
-    for (let i = 0; i < widths.length; i++) {
-      const need = widths[i] + (i > 0 ? gap : 0);
-      if (used + need > spaceWithBadge) break;
-      used += need;
-      fitCount++;
-    }
-    setVisibleCount(Math.max(0, fitCount));
-  }, [count, limitTags, placeholder, reserveInputWidth]);
-  _react.useEffect.call(void 0, () => {
-    recalculate();
-  }, [recalculate]);
-  _react.useEffect.call(void 0, () => {
-    const el = middleRef.current;
-    if (!el) return;
-    const ro = new ResizeObserver(recalculate);
-    ro.observe(el);
-    return () => ro.disconnect();
-  }, [recalculate]);
-  return { visibleCount, middleRef, measureRef, textMeasureRef, badgeRef, inputRef };
-}
-
-// src/hooks/ui/use-debounce.ts
-
-function useDebounce(value, delay = 500) {
-  const [debouncedValue, setDebouncedValue] = _react.useState.call(void 0, value);
-  _react.useEffect.call(void 0, () => {
-    const timer = setTimeout(() => {
-      setDebouncedValue(value);
-    }, delay);
-    return () => {
-      clearTimeout(timer);
-    };
-  }, [value, delay]);
-  return debouncedValue;
-}
-
-// src/utils/local-storage-adapter.ts
-function getStorage(backend) {
-  if (typeof window === "undefined") return null;
-  try {
-    return backend === "session" ? window.sessionStorage : window.localStorage;
-  } catch (e) {
-    return null;
-  }
-}
-function createLocalStorageAdapter(options) {
-  const tag = _nullishCoalesce(options.logTag, () => ( "[local-storage]"));
-  const backend = _nullishCoalesce(options.backend, () => ( "local"));
-  const resolveKey = () => {
-    const ns = _optionalChain([options, 'access', _5 => _5.namespace, 'optionalCall', _6 => _6()]);
-    return ns ? `${ns}.${options.key}` : options.key;
-  };
-  return {
-    resolveKey,
-    load() {
-      const storage = getStorage(backend);
-      if (!storage) return null;
-      try {
-        const raw = storage.getItem(resolveKey());
-        if (!raw) return null;
-        const parsed = JSON.parse(raw);
-        if (options.validate && !options.validate(parsed)) return null;
-        return parsed;
-      } catch (err) {
-        console.warn(`${tag} parse failed for key ${resolveKey()}:`, err);
-        return null;
-      }
-    },
-    save(value) {
-      const storage = getStorage(backend);
-      if (!storage) return;
-      try {
-        storage.setItem(resolveKey(), JSON.stringify(value));
-      } catch (err) {
-        console.warn(`${tag} write failed for key ${resolveKey()}:`, err);
-      }
-    },
-    clear() {
-      const storage = getStorage(backend);
-      if (!storage) return;
-      try {
-        storage.removeItem(resolveKey());
-      } catch (err) {
-        console.warn(`${tag} clear failed for key ${resolveKey()}:`, err);
-      }
-    }
-  };
-}
-
-// src/utils/app-config.ts
-function getAppType() {
-  return process.env.NEXT_PUBLIC_APP_TYPE || "openmsp";
-}
-
-// src/utils/embed-proxy-auth-storage.ts
-function isValidPersistedAuth(value) {
-  if (!value || typeof value !== "object") return false;
-  const v = value;
-  if (typeof v.secret !== "string" || v.secret.trim().length === 0 || typeof v.email !== "string" || v.email.trim().length === 0) return false;
-  if (v.firstName != null && typeof v.firstName !== "string") return false;
-  if (v.lastName != null && typeof v.lastName !== "string") return false;
-  if (v.avatarUrl != null && typeof v.avatarUrl !== "string") return false;
-  return true;
-}
-var adapter = createLocalStorageAdapter({
-  // Storage key unchanged from the legacy chat-prefixed helper. Renaming
-  // it would silently log every existing admin out — the key is a
-  // storage contract, not a code identifier.
-  key: "chat.proxy-auth.v1",
-  namespace: () => getAppType(),
-  validate: isValidPersistedAuth,
-  logTag: "[embed-proxy-auth-storage]",
-  // localStorage — survives tab close, new tabs, and browser restarts.
-  // Admin re-pasting creds every tab cycle was the dev-experience
-  // tradeoff prior `sessionStorage` setup demanded — rejected. See
-  // file-level doc comment for the security tradeoff rationale.
-  backend: "local"
-});
-function normalizeOptional(value) {
-  if (!value) return void 0;
-  const trimmed = value.trim();
-  return trimmed.length > 0 ? trimmed : void 0;
-}
-function getEmbedProxyAuth() {
-  const persisted = adapter.load();
-  if (!persisted) return null;
-  return {
-    secret: persisted.secret,
-    email: persisted.email.trim().toLowerCase(),
-    firstName: normalizeOptional(persisted.firstName),
-    lastName: normalizeOptional(persisted.lastName),
-    avatarUrl: normalizeOptional(persisted.avatarUrl)
-  };
-}
-function getPersistedProxyEmail() {
-  const persisted = adapter.load();
-  return _nullishCoalesce(_optionalChain([persisted, 'optionalAccess', _7 => _7.email, 'access', _8 => _8.trim, 'call', _9 => _9(), 'access', _10 => _10.toLowerCase, 'call', _11 => _11()]), () => ( null));
-}
-function setEmbedProxyAuth(value) {
-  adapter.save({
-    secret: value.secret,
-    email: value.email.trim().toLowerCase(),
-    firstName: normalizeOptional(value.firstName),
-    lastName: normalizeOptional(value.lastName),
-    avatarUrl: normalizeOptional(value.avatarUrl)
-  });
-}
-function clearEmbedProxyAuth() {
-  adapter.clear();
-}
-function applyProxyAuth(url, baseHeaders = { "Content-Type": "application/json" }) {
-  const auth = getEmbedProxyAuth();
-  const headers = { ...baseHeaders };
-  if (_optionalChain([auth, 'optionalAccess', _12 => _12.secret])) {
-    headers.Authorization = `Bearer ${auth.secret}`;
-  }
-  if (_optionalChain([auth, 'optionalAccess', _13 => _13.email])) {
-    headers["X-Chat-Act-As"] = auth.email;
-  }
-  if (_optionalChain([auth, 'optionalAccess', _14 => _14.firstName])) headers["X-Chat-First-Name"] = auth.firstName;
-  if (_optionalChain([auth, 'optionalAccess', _15 => _15.lastName])) headers["X-Chat-Last-Name"] = auth.lastName;
-  if (_optionalChain([auth, 'optionalAccess', _16 => _16.avatarUrl])) headers["X-Chat-Avatar-Url"] = auth.avatarUrl;
-  return { url, headers };
-}
-
-// src/utils/embed-authed-fetch.ts
-var ADAPTER_GLOBAL_KEY = "__embedAuthedFetchAdapter__";
-function getRegisteredAuthAdapter() {
-  if (typeof globalThis === "undefined") return null;
-  return _nullishCoalesce(globalThis[ADAPTER_GLOBAL_KEY], () => ( null));
-}
-function storeRegisteredAuthAdapter(adapter2) {
-  if (typeof globalThis === "undefined") return;
-  globalThis[ADAPTER_GLOBAL_KEY] = adapter2;
-}
-function setEmbedAuthAdapter(adapter2) {
-  if (adapter2 && getRegisteredAuthAdapter() && process.env.NODE_ENV !== "production") {
-    console.warn(
-      "[setEmbedAuthAdapter] overwriting a previously-registered auth adapter. Two chat-runtime providers should not coexist \u2014 verify mount order and pass `null` from the unmounting provider."
-    );
-  }
-  storeRegisteredAuthAdapter(adapter2);
-}
-function hasEmbedAuthAdapter() {
-  return getRegisteredAuthAdapter() !== null;
-}
-function embedAuthedFetch(url, init = {}) {
-  assertSameOrigin(url);
-  let baseHeaders;
-  if (init.headers === void 0) {
-    baseHeaders = { "Content-Type": "application/json" };
-  } else {
-    baseHeaders = {};
-    if (init.headers instanceof Headers) {
-      init.headers.forEach((v, k) => {
-        baseHeaders[k] = v;
-      });
-    } else if (Array.isArray(init.headers)) {
-      for (const [k, v] of init.headers) baseHeaders[k] = v;
-    } else {
-      Object.assign(baseHeaders, init.headers);
-    }
-  }
-  return fetchWithRefresh(url, init, baseHeaders, false);
-}
-var IN_FLIGHT_REFRESH_GLOBAL_KEY = "__embedAuthedFetchInFlightRefresh__";
-function getInFlightRefresh() {
-  if (typeof globalThis === "undefined") return null;
-  return _nullishCoalesce(globalThis[IN_FLIGHT_REFRESH_GLOBAL_KEY], () => ( null));
-}
-function setInFlightRefresh(refresh) {
-  if (typeof globalThis === "undefined") return;
-  globalThis[IN_FLIGHT_REFRESH_GLOBAL_KEY] = refresh;
-}
-function dedupedRefresh() {
-  const adapter2 = getRegisteredAuthAdapter();
-  if (!_optionalChain([adapter2, 'optionalAccess', _17 => _17.refresh])) return Promise.resolve(false);
-  let inFlightRefresh = getInFlightRefresh();
-  if (!inFlightRefresh) {
-    inFlightRefresh = Promise.resolve().then(() => adapter2.refresh()).catch(() => false).finally(() => {
-      setInFlightRefresh(null);
-    });
-    setInFlightRefresh(inFlightRefresh);
-  }
-  return inFlightRefresh;
-}
-async function fetchWithRefresh(url, init, baseHeaders, isRetry) {
-  const { url: authedUrl, headers } = applyProxyAuth(url, { ...baseHeaders });
-  const adapter2 = getRegisteredAuthAdapter();
-  if (_optionalChain([adapter2, 'optionalAccess', _18 => _18.getHeaders])) {
-    for (const [k, v] of Object.entries(adapter2.getHeaders())) {
-      if (v !== void 0) headers[k] = v;
-    }
-  }
-  const credentials = _nullishCoalesce(_nullishCoalesce(_optionalChain([adapter2, 'optionalAccess', _19 => _19.credentials]), () => ( init.credentials)), () => ( "same-origin"));
-  const response = await fetch(authedUrl, {
-    ...init,
-    headers,
-    // Default `same-origin` carries Supabase cookies for the MPH proxy-
-    // auth model. Hosts on different origins (openframe-frontend ↔
-    // openframe gateway) register `credentials: 'include'` via the
-    // adapter to make their own cookies travel cross-origin (CORS +
-    // `SameSite=None` must be configured server-side for that to work).
-    credentials
-  });
-  if (response.status === 401 && !isRetry && _optionalChain([adapter2, 'optionalAccess', _20 => _20.refresh])) {
-    const refreshed = await dedupedRefresh();
-    if (refreshed) {
-      return fetchWithRefresh(url, init, baseHeaders, true);
-    }
-  }
-  return response;
-}
-function assertSameOrigin(url) {
-  if (typeof window === "undefined") return;
-  let target;
-  let pageOrigin;
-  try {
-    target = new URL(url, window.location.href);
-    pageOrigin = new URL(window.location.href).origin;
-  } catch (e2) {
-    throw new Error(`embedAuthedFetch: refusing to fetch malformed URL (${JSON.stringify(url)})`);
-  }
-  if (target.protocol !== "http:" && target.protocol !== "https:") {
-    throw new Error(
-      `embedAuthedFetch: refusing non-http(s) URL (${target.protocol}) \u2014 pass a relative /api/* path instead`
-    );
-  }
-  if (target.origin !== pageOrigin) {
-    if (process.env.NODE_ENV !== "production") {
-      console.warn(
-        `[embedAuthedFetch] cross-origin fetch to ${target.origin} allowed in dev (NODE_ENV !== 'production'). Production builds will reject this \u2014 wire a same-origin proxy before shipping.`
-      );
-      return;
-    }
-    throw new Error(
-      `embedAuthedFetch: refusing cross-origin fetch to ${target.origin} \u2014 pass a relative /api/* path instead`
-    );
-  }
-}
-
-
-
-
-
-
-
-
-
-
-
-
-
-exports.useAutoLimitTags = useAutoLimitTags; exports.useDebounce = useDebounce; exports.getAppType = getAppType; exports.getEmbedProxyAuth = getEmbedProxyAuth; exports.getPersistedProxyEmail = getPersistedProxyEmail; exports.setEmbedProxyAuth = setEmbedProxyAuth; exports.clearEmbedProxyAuth = clearEmbedProxyAuth; exports.applyProxyAuth = applyProxyAuth; exports.setEmbedAuthAdapter = setEmbedAuthAdapter; exports.hasEmbedAuthAdapter = hasEmbedAuthAdapter; exports.embedAuthedFetch = embedAuthedFetch;
-//# sourceMappingURL=chunk-YETA25JW.cjs.map

package/dist/chunk-YETA25JW.cjs.map

@@ -1 +0,0 @@
-{"version":3,"sources":["/home/runner/work/openframe-oss-lib/openframe-oss-lib/openframe-frontend-core/dist/chunk-YETA25JW.cjs","../src/hooks/ui/use-auto-limit-tags.ts","../src/hooks/ui/use-debounce.ts","../src/utils/local-storage-adapter.ts","../src/utils/app-config.ts","../src/utils/embed-proxy-auth-storage.ts","../src/utils/embed-authed-fetch.ts"],"names":["useState","useEffect","adapter"],"mappings":"AAAA,6rBAAY;AACZ;AACA;ACAA,8BAAyD;AA2ClD,SAAS,gBAAA,CAAiB;AAAA,EAC/B,KAAA;AAAA,EACA,UAAA,EAAY,MAAA;AAAA,EACZ,YAAA,EAAc,EAAA;AAAA,EACd,kBAAA,EAAoB;AACtB,CAAA,EAAoD;AAClD,EAAA,MAAM,UAAA,EAAY,2BAAA,IAA2B,CAAA;AAC7C,EAAA,MAAM,WAAA,EAAa,2BAAA,IAA2B,CAAA;AAC9C,EAAA,MAAM,eAAA,EAAiB,2BAAA,IAA4B,CAAA;AACnD,EAAA,MAAM,SAAA,EAAW,2BAAA,IAA8B,CAAA;AAC/C,EAAA,MAAM,SAAA,EAAW,2BAAA,IAA6B,CAAA;AAC9C,EAAA,MAAM,CAAC,YAAA,EAAc,eAAe,EAAA,EAAI,6BAAA,KAAc,CAAA;AAEtD,EAAA,MAAM,YAAA,EAAc,gCAAA,CAAY,EAAA,GAAM;AAEpC,IAAA,GAAA,CAAI,UAAA,IAAc,MAAA,EAAQ;AACxB,MAAA,eAAA,CAAgB,IAAA,CAAK,GAAA,CAAI,SAAA,EAAW,KAAK,CAAC,CAAA;AAC1C,MAAA,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,OAAA,EAAS,SAAA,CAAU,OAAA;AACzB,IAAA,MAAM,QAAA,EAAU,UAAA,CAAW,OAAA;AAC3B,IAAA,GAAA,CAAI,CAAC,OAAA,GAAU,CAAC,OAAA,EAAS;AACvB,MAAA,eAAA,CAAgB,KAAK,CAAA;AACrB,MAAA,MAAA;AAAA,IACF;AACA,IAAA,GAAA,CAAI,MAAA,IAAU,CAAA,EAAG;AACf,MAAA,eAAA,CAAgB,CAAC,CAAA;AACjB,MAAA,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,EAAK,gBAAA,CAAiB,MAAM,CAAA;AAClC,IAAA,MAAM,KAAA,EAAO,UAAA,CAAW,EAAA,CAAG,WAAW,EAAA,GAAK,CAAA;AAC3C,IAAA,MAAM,KAAA,EAAO,UAAA,CAAW,EAAA,CAAG,YAAY,EAAA,GAAK,CAAA;AAC5C,IAAA,MAAM,IAAA,EAAM,UAAA,CAAW,EAAA,CAAG,GAAG,EAAA,GAAK,CAAA;AAClC,IAAA,MAAM,QAAA,EAAU,MAAA,CAAO,WAAA;AAKvB,IAAA,IAAI,eAAA,EAAiB,CAAA;AACrB,IAAA,IAAI,YAAA,EAAc,CAAA;AAClB,IAAA,GAAA,CAAI,iBAAA,EAAmB;AACrB,MAAA,MAAM,MAAA,mCAAQ,cAAA,mBAAe,OAAA,6BAAS,aAAA,UAAe,IAAA;AACrD,MAAA,MAAM,UAAA,EAAY,QAAA,CAAS,QAAA,EACvB,UAAA,CAAW,gBAAA,CAAiB,QAAA,CAAS,OAAO,CAAA,CAAE,QAAQ,EAAA,GAAK,GAAA,EAC3D,EAAA;AACJ,MAAA,eAAA,EAAiB,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAG,SAAS,CAAA;AAC9C,MAAA,YAAA,EAAc,GAAA;AAAA,IAChB;AAGA,IAAA,MAAM,UAAA,EAAY,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,eAAA,EAAiB,WAAA;AAG3D,IAAA,MAAM,OAAA,EAAS,KAAA,CAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,CAAA;AAC1C,IAAA,MAAM,OAAA,EAAS,MAAA,CAAO,GAAA,CAAI,CAAC,EAAA,EAAA,GAAO,EAAA,CAAG,WAAW,CAAA;AAGhD,IAAA,IAAI,MAAA,EAAQ,CAAA;AACZ,IAAA,IAAA,CAAA,IAAS,EAAA,EAAI,CAAA,EAAG,EAAA,EAAI,MAAA,CAAO,MAAA,EAAQ,CAAA,EAAA,EAAK;AACtC,MAAA,MAAA,GAAS,MAAA,CAAO,CAAC,EAAA,EAAA,CAAK,EAAA,EAAI,EAAA,EAAI,IAAA,EAAM,CAAA,CAAA;AAAA,IACtC;AACA,IAAA,GAAA,CAAI,MAAA,GAAS,SAAA,EAAW;AACtB,MAAA,eAAA,CAAgB,KAAK,CAAA;AACrB,MAAA,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,OAAA,mCAAS,QAAA,qBAAS,OAAA,6BAAS,aAAA,UAAe,IAAA;AAChD,IAAA,MAAM,eAAA,EAAiB,UAAA,EAAY,OAAA,EAAS,GAAA;AAE5C,IAAA,IAAI,KAAA,EAAO,CAAA;AACX,IAAA,IAAI,SAAA,EAAW,CAAA;AACf,IAAA,IAAA,CAAA,IAAS,EAAA,EAAI,CAAA,EAAG,EAAA,EAAI,MAAA,CAAO,MAAA,EAAQ,CAAA,EAAA,EAAK;AACtC,MAAA,MAAM,KAAA,EAAO,MAAA,CAAO,CAAC,EAAA,EAAA,CAAK,EAAA,EAAI,EAAA,EAAI,IAAA,EAAM,CAAA,CAAA;AACxC,MAAA,GAAA,CAAI,KAAA,EAAO,KAAA,EAAO,cAAA,EAAgB,KAAA;AAClC,MAAA,KAAA,GAAQ,IAAA;AACR,MAAA,QAAA,EAAA;AAAA,IACF;AAEA,IAAA,eAAA,CAAgB,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,QAAQ,CAAC,CAAA;AAAA,EACvC,CAAA,EAAG,CAAC,KAAA,EAAO,SAAA,EAAW,WAAA,EAAa,iBAAiB,CAAC,CAAA;AAGrD,EAAA,8BAAA,CAAU,EAAA,GAAM;AACd,IAAA,WAAA,CAAY,CAAA;AAAA,EACd,CAAA,EAAG,CAAC,WAAW,CAAC,CAAA;AAGhB,EAAA,8BAAA,CAAU,EAAA,GAAM;AACd,IAAA,MAAM,GAAA,EAAK,SAAA,CAAU,OAAA;AACrB,IAAA,GAAA,CAAI,CAAC,EAAA,EAAI,MAAA;AACT,IAAA,MAAM,GAAA,EAAK,IAAI,cAAA,CAAe,WAAW,CAAA;AACzC,IAAA,EAAA,CAAG,OAAA,CAAQ,EAAE,CAAA;AACb,IAAA,OAAO,CAAA,EAAA,GAAM,EAAA,CAAG,UAAA,CAAW,CAAA;AAAA,EAC7B,CAAA,EAAG,CAAC,WAAW,CAAC,CAAA;AAEhB,EAAA,OAAO,EAAE,YAAA,EAAc,SAAA,EAAW,UAAA,EAAY,cAAA,EAAgB,QAAA,EAAU,SAAS,CAAA;AACnF;ADlEA;AACA;AE9EA;AAQO,SAAS,WAAA,CAAe,KAAA,EAAU,MAAA,EAAQ,GAAA,EAAQ;AACvD,EAAA,MAAM,CAAC,cAAA,EAAgB,iBAAiB,EAAA,EAAIA,6BAAAA,KAAiB,CAAA;AAE7D,EAAAC,8BAAAA,CAAU,EAAA,GAAM;AAEd,IAAA,MAAM,MAAA,EAAQ,UAAA,CAAW,CAAA,EAAA,GAAM;AAC7B,MAAA,iBAAA,CAAkB,KAAK,CAAA;AAAA,IACzB,CAAA,EAAG,KAAK,CAAA;AAGR,IAAA,OAAO,CAAA,EAAA,GAAM;AACX,MAAA,YAAA,CAAa,KAAK,CAAA;AAAA,IACpB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,KAAA,EAAO,KAAK,CAAC,CAAA;AAEjB,EAAA,OAAO,cAAA;AACT;AFoEA;AACA;AG/CA,SAAS,UAAA,CAAW,OAAA,EAA4C;AAC9D,EAAA,GAAA,CAAI,OAAO,OAAA,IAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,IAAI;AACF,IAAA,OAAO,QAAA,IAAY,UAAA,EAAY,MAAA,CAAO,eAAA,EAAiB,MAAA,CAAO,YAAA;AAAA,EAChE,EAAA,UAAQ;AAGN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,yBAAA,CACd,OAAA,EACwB;AACxB,EAAA,MAAM,IAAA,mBAAM,OAAA,CAAQ,MAAA,UAAU,mBAAA;AAC9B,EAAA,MAAM,QAAA,mBAA6B,OAAA,CAAQ,OAAA,UAAW,SAAA;AACtD,EAAA,MAAM,WAAA,EAAa,CAAA,EAAA,GAAc;AAC/B,IAAA,MAAM,GAAA,kBAAK,OAAA,qBAAQ,SAAA,0BAAA,CAAY,GAAA;AAC/B,IAAA,OAAO,GAAA,EAAK,CAAA,EAAA;AACd,EAAA;AAEO,EAAA;AACL,IAAA;AACO,IAAA;AACC,MAAA;AACD,MAAA;AACD,MAAA;AACI,QAAA;AACI,QAAA;AACJ,QAAA;AACF,QAAA;AACG,QAAA;AACA,MAAA;AACC,QAAA;AACD,QAAA;AACT,MAAA;AACF,IAAA;AACe,IAAA;AACP,MAAA;AACD,MAAA;AACD,MAAA;AACM,QAAA;AACD,MAAA;AACC,QAAA;AACV,MAAA;AACF,IAAA;AACQ,IAAA;AACA,MAAA;AACD,MAAA;AACD,MAAA;AACM,QAAA;AACD,MAAA;AACC,QAAA;AACV,MAAA;AACF,IAAA;AACF,EAAA;AACF;AH2CiB;AACA;AInID;AACC,EAAA;AACjB;AJqIiB;AACA;AKrGR;AACO,EAAA;AACJ,EAAA;AAEC,EAAA;AAKL,EAAA;AACA,EAAA;AACA,EAAA;AACC,EAAA;AACT;AAEgB;AAA0C;AAAA;AAAA;AAInD,EAAA;AACM,EAAA;AACD,EAAA;AACF,EAAA;AAAA;AAAA;AAAA;AAAA;AAKC,EAAA;AACV;AAIQ;AACK,EAAA;AACN,EAAA;AACS,EAAA;AACjB;AAOgB;AACR,EAAA;AACU,EAAA;AACT,EAAA;AACG,IAAA;AACD,IAAA;AACI,IAAA;AACD,IAAA;AACC,IAAA;AACb,EAAA;AACF;AAMgB;AACR,EAAA;AACC,EAAA;AACT;AAIgB;AACD,EAAA;AACH,IAAA;AACK,IAAA;AACF,IAAA;AACD,IAAA;AACC,IAAA;AACZ,EAAA;AACH;AAGgB;AACA,EAAA;AAChB;AAagB;AAID,EAAA;AACP,EAAA;AACI,EAAA;AACA,IAAA;AACV,EAAA;AACU,EAAA;AACA,IAAA;AACV,EAAA;AAGU,EAAA;AACA,EAAA;AACA,EAAA;AACI,EAAA;AAChB;AL6DiB;AACA;AM1HX;AAEG;AACI,EAAA;AACH,EAAA;AACV;AAES;AACI,EAAA;AAC8B,EAAA;AAC3C;AAYgB;AACVC,EAAAA;AACM,IAAA;AACN,MAAA;AAGF,IAAA;AACF,EAAA;AACA,EAAA;AACF;AAQgB;AACP,EAAA;AACT;AA6BgB;AAId,EAAA;AAaI,EAAA;AACK,EAAA;AACP,IAAA;AACK,EAAA;AACL,IAAA;AACS,IAAA;AACF,MAAA;AACH,QAAA;AACD,MAAA;AACQ,IAAA;AACE,MAAA;AACN,IAAA;AACE,MAAA;AACT,IAAA;AACF,EAAA;AAEO,EAAA;AACT;AAeM;AAEG;AACI,EAAA;AAEP,EAAA;AAKN;AAES;AACI,EAAA;AAC8B,EAAA;AAC3C;AAES;AACDA,EAAAA;AACQ,EAAA;AACV,EAAA;AACC,EAAA;AAIH,IAAA;AAII,MAAA;AACD,IAAA;AACH,IAAA;AACF,EAAA;AACO,EAAA;AACT;AAQe;AAUA,EAAA;AAOPA,EAAAA;AACO,EAAA;AAIC,IAAA;AACA,MAAA;AACZ,IAAA;AACF,EAAA;AACM,EAAA;AAEA,EAAA;AACD,IAAA;AACH,IAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,IAAA;AACD,EAAA;AAKY,EAAA;AACL,IAAA;AACF,IAAA;AACK,MAAA;AACT,IAAA;AACF,EAAA;AAEO,EAAA;AACT;AAqBS;AACI,EAAA;AACP,EAAA;AACA,EAAA;AACA,EAAA;AACW,IAAA;AAKA,IAAA;AACP,EAAA;AACI,IAAA;AACZ,EAAA;AACW,EAAA;AACC,IAAA;AACR,MAAA;AACF,IAAA;AACF,EAAA;AACW,EAAA;AASG,IAAA;AACF,MAAA;AACN,QAAA;AAGF,MAAA;AACA,MAAA;AACF,IAAA;AACU,IAAA;AACR,MAAA;AACF,IAAA;AACF,EAAA;AACF;ANnCiB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/home/runner/work/openframe-oss-lib/openframe-oss-lib/openframe-frontend-core/dist/chunk-YETA25JW.cjs","sourcesContent":[null,"\"use client\"\n\nimport { useCallback, useEffect, useRef, useState } from \"react\"\n\nexport interface UseAutoLimitTagsOptions {\n  /** Total number of tags */\n  count: number\n  /** Fixed limit or \"auto\" for DOM-based measurement. Default \"auto\" */\n  limitTags?: number | \"auto\"\n  /** Placeholder text used to reserve input width (only used in \"auto\" mode) */\n  placeholder?: string\n  /**\n   * Reserve trailing space for a text input (the autocomplete combobox). Set\n   * `false` for a pure chip row that has no input — then only the chips and the\n   * \"+N\" / \"⋯\" overflow badge compete for the available width. Default `true`.\n   */\n  reserveInputWidth?: boolean\n}\n\nexport interface UseAutoLimitTagsReturn {\n  /** How many tags to show */\n  visibleCount: number\n  /** Ref for the zone that contains tags + input (must have overflow-hidden, gap, padding) */\n  middleRef: React.RefObject<HTMLDivElement | null>\n  /** Ref for the off-screen container that holds measurement copies of ALL tags */\n  measureRef: React.RefObject<HTMLDivElement | null>\n  /** Ref for the hidden span that measures placeholder text width */\n  textMeasureRef: React.RefObject<HTMLSpanElement | null>\n  /** Ref for the \"+N\" badge element (used to measure its width) */\n  badgeRef: React.RefObject<HTMLButtonElement | null>\n  /** Ref for the input element (used to read its min-width) */\n  inputRef: React.RefObject<HTMLInputElement | null>\n}\n\n/**\n * Calculates how many tags fit in a single-line container.\n *\n * Requires three off-screen measurement elements rendered by the consumer:\n * 1. A `<div ref={measureRef}>` containing Tag copies for every item (to measure widths)\n * 2. A `<span ref={textMeasureRef}>` containing the placeholder text (to reserve input width)\n * 3. The `<button ref={badgeRef}>` for the \"+N\" badge (to measure badge width)\n *\n * The hook reads real CSS values (padding, gap) from the middleRef container,\n * so it works regardless of responsive breakpoints or custom styling.\n */\nexport function useAutoLimitTags({\n  count,\n  limitTags = \"auto\",\n  placeholder = \"\",\n  reserveInputWidth = true,\n}: UseAutoLimitTagsOptions): UseAutoLimitTagsReturn {\n  const middleRef = useRef<HTMLDivElement>(null)\n  const measureRef = useRef<HTMLDivElement>(null)\n  const textMeasureRef = useRef<HTMLSpanElement>(null)\n  const badgeRef = useRef<HTMLButtonElement>(null)\n  const inputRef = useRef<HTMLInputElement>(null)\n  const [visibleCount, setVisibleCount] = useState(count)\n\n  const recalculate = useCallback(() => {\n    // Fixed limit — skip DOM measurement\n    if (limitTags !== \"auto\") {\n      setVisibleCount(Math.min(limitTags, count))\n      return\n    }\n\n    const middle = middleRef.current\n    const measure = measureRef.current\n    if (!middle || !measure) {\n      setVisibleCount(count)\n      return\n    }\n    if (count === 0) {\n      setVisibleCount(0)\n      return\n    }\n\n    // Read real CSS metrics from the middle zone\n    const cs = getComputedStyle(middle)\n    const padL = parseFloat(cs.paddingLeft) || 0\n    const padR = parseFloat(cs.paddingRight) || 0\n    const gap = parseFloat(cs.gap) || 0\n    const middleW = middle.clientWidth\n\n    // Reserve trailing space for the input (autocomplete only). A pure chip row\n    // (`reserveInputWidth: false`) has no input, so nothing — and no gap before\n    // it — is reserved.\n    let inputReservedW = 0\n    let trailingGap = 0\n    if (reserveInputWidth) {\n      const textW = textMeasureRef.current?.offsetWidth ?? 60\n      const inputMinW = inputRef.current\n        ? parseFloat(getComputedStyle(inputRef.current).minWidth) || 60\n        : 60\n      inputReservedW = Math.max(textW + 8, inputMinW)\n      trailingGap = gap\n    }\n\n    // Available = middle zone − padding − input reserved − gap before input\n    const available = middleW - padL - padR - inputReservedW - trailingGap\n\n    // Measure every tag from the off-screen container\n    const tagEls = Array.from(measure.children) as HTMLElement[]\n    const widths = tagEls.map((el) => el.offsetWidth)\n\n    // Fast check: do ALL tags fit?\n    let total = 0\n    for (let i = 0; i < widths.length; i++) {\n      total += widths[i] + (i > 0 ? gap : 0)\n    }\n    if (total <= available) {\n      setVisibleCount(count)\n      return\n    }\n\n    // Not all fit → reserve space for the \"+N\" badge\n    const badgeW = badgeRef.current?.offsetWidth ?? 40\n    const spaceWithBadge = available - badgeW - gap\n\n    let used = 0\n    let fitCount = 0\n    for (let i = 0; i < widths.length; i++) {\n      const need = widths[i] + (i > 0 ? gap : 0)\n      if (used + need > spaceWithBadge) break\n      used += need\n      fitCount++\n    }\n\n    setVisibleCount(Math.max(0, fitCount))\n  }, [count, limitTags, placeholder, reserveInputWidth])\n\n  // Recalculate when inputs change\n  useEffect(() => {\n    recalculate()\n  }, [recalculate])\n\n  // Recalculate on container resize\n  useEffect(() => {\n    const el = middleRef.current\n    if (!el) return\n    const ro = new ResizeObserver(recalculate)\n    ro.observe(el)\n    return () => ro.disconnect()\n  }, [recalculate])\n\n  return { visibleCount, middleRef, measureRef, textMeasureRef, badgeRef, inputRef }\n}\n","\"use client\"\n\nimport { useState, useEffect } from \"react\"\n\n/**\n * Hook to debounce a value\n * @param value - Value to debounce\n * @param delay - Delay in milliseconds\n * @returns Debounced value\n */\nexport function useDebounce<T>(value: T, delay = 500): T {\n  const [debouncedValue, setDebouncedValue] = useState<T>(value)\n\n  useEffect(() => {\n    // Set up timeout to update debounced value\n    const timer = setTimeout(() => {\n      setDebouncedValue(value)\n    }, delay)\n\n    // Clean up timeout on value change or unmount\n    return () => {\n      clearTimeout(timer)\n    }\n  }, [value, delay])\n\n  return debouncedValue\n}\n","/**\n * Thin JSON-typed Web-Storage adapter (localStorage or sessionStorage).\n *\n * Centralizes the SSR-guard + try/catch + silent quota-failure pattern\n * that every per-feature storage util would otherwise re-implement.\n *\n * Optional `namespace` prefix supports platform / user partitioning —\n * the resolver runs lazily at call time so the namespace can vary across\n * the lifetime of the page (e.g. proxy-auth switches user, which switches\n * the key suffix).\n *\n * Backend selection (`backend: 'local' | 'session'`):\n *   - `'local'` (default): persists across browser sessions. Use for\n *     UI state, chat history metadata, feature-flag opt-ins.\n *   - `'session'`: cleared when the tab closes. Use for ANY auth-adjacent\n *     value (bearer tokens, act-as identity, proxy credentials). Reduces\n *     the XSS-exfiltration attack window from \"indefinite\" to \"until tab\n *     close\" without losing per-session ergonomics.\n */\n\nexport type WebStorageBackend = 'local' | 'session'\n\nexport interface LocalStorageAdapter<T> {\n  load(): T | null\n  save(value: T): void\n  clear(): void\n  /** Resolved storage key for the current call. Useful for tests. */\n  resolveKey(): string\n}\n\nexport interface LocalStorageAdapterOptions<T> {\n  /** Base storage key. Combined with `namespace()` when provided. */\n  key: string\n  /** Optional dynamic namespace prefix appended via `.` separator.\n   *  Called on EVERY read/write so the key can vary across the page\n   *  lifetime (e.g. when the platform or user identity changes). */\n  namespace?: () => string | null | undefined\n  /** Runtime shape check. Falsey return → `load()` yields null. */\n  validate?: (parsed: unknown) => parsed is T\n  /** Diagnostic prefix written to `console.warn` on parse / write\n   *  failures. Defaults to `'[local-storage]'`. */\n  logTag?: string\n  /** Which Web-Storage backend to use. Defaults to `'local'`. Pass\n   *  `'session'` for anything auth-adjacent so the value evaporates\n   *  when the tab closes. */\n  backend?: WebStorageBackend\n}\n\nfunction getStorage(backend: WebStorageBackend): Storage | null {\n  if (typeof window === 'undefined') return null\n  try {\n    return backend === 'session' ? window.sessionStorage : window.localStorage\n  } catch {\n    // Some sandboxed contexts (Safari private mode older versions,\n    // strict CSP) throw on storage access — treat as unavailable.\n    return null\n  }\n}\n\nexport function createLocalStorageAdapter<T>(\n  options: LocalStorageAdapterOptions<T>,\n): LocalStorageAdapter<T> {\n  const tag = options.logTag ?? '[local-storage]'\n  const backend: WebStorageBackend = options.backend ?? 'local'\n  const resolveKey = (): string => {\n    const ns = options.namespace?.()\n    return ns ? `${ns}.${options.key}` : options.key\n  }\n\n  return {\n    resolveKey,\n    load() {\n      const storage = getStorage(backend)\n      if (!storage) return null\n      try {\n        const raw = storage.getItem(resolveKey())\n        if (!raw) return null\n        const parsed = JSON.parse(raw) as unknown\n        if (options.validate && !options.validate(parsed)) return null\n        return parsed as T\n      } catch (err) {\n        console.warn(`${tag} parse failed for key ${resolveKey()}:`, err)\n        return null\n      }\n    },\n    save(value: T) {\n      const storage = getStorage(backend)\n      if (!storage) return\n      try {\n        storage.setItem(resolveKey(), JSON.stringify(value))\n      } catch (err) {\n        console.warn(`${tag} write failed for key ${resolveKey()}:`, err)\n      }\n    },\n    clear() {\n      const storage = getStorage(backend)\n      if (!storage) return\n      try {\n        storage.removeItem(resolveKey())\n      } catch (err) {\n        console.warn(`${tag} clear failed for key ${resolveKey()}:`, err)\n      }\n    },\n  }\n}\n","// Stub app config\nexport const APP_CONFIG = {\n  app: {\n    type: 'openmsp',\n    name: 'OpenMSP',\n    domain: 'openmsp.ai'\n  },\n  features: {\n    announcements: true,\n    notifications: true\n  }\n} as const;\n\nexport function getAppConfig() {\n  return APP_CONFIG;\n}\n\nexport function getAppType() {\n  return process.env.NEXT_PUBLIC_APP_TYPE || 'openmsp';\n}","'use client'\n\n/**\n * Client-side persistence for embed-surface proxy credentials\n * (`CHAT_PROXY_SECRET` + impersonation email). Used by every embedded\n * surface — the chat widget AND the ticket center AND any future\n * embedded React component that needs to identify itself as the\n * impersonated customer.\n *\n * When set, the surface attaches the creds as\n *   `Authorization: Bearer <secret>` + `X-Chat-Act-As: <email>`\n * on every call to `/api/docs/chat`, `/api/chat/*`, and any other route\n * gated by `requireChatAuth` — proving to the server that this session\n * is acting on behalf of <email>.\n *\n * **Naming history:** the wire-side header names are still `X-Chat-*`\n * and the env var is `CHAT_PROXY_SECRET`. Those are server contracts;\n * renaming them would require a coordinated deploy + customer-side\n * env-var migration. The CLIENT-side helpers were renamed `Embed*` so\n * non-chat surfaces (e.g. ticket center) don't have to import a\n * chat-prefixed symbol just to send the same headers.\n *\n * Persists to **`localStorage`** so the bearer token + act-as identity\n * survive tab close, new-tab opens, and browser restarts — the\n * `/debug` paste-creds UI is an admin tool and re-pasting every tab\n * cycle was rejected as a dev-experience tradeoff that wasn't worth\n * the security gain. An XSS sink on this origin can read the value\n * indefinitely (vs only-this-tab with sessionStorage), but `/debug`\n * is admin-gated behind the platform's `askAI.enabled` flag and the\n * impersonation header it sets is server-validated against\n * `CHAT_PROXY_SECRET` anyway. Explicit \"Clear\" button on the creds\n * bar is the supported logout path; closing the tab is no longer.\n *\n * Namespaced under `<platform>.chat.proxy-auth.v1` (the storage key is\n * unchanged from the old chat-prefixed helper — that's a storage\n * contract; renaming it would log everyone out).\n */\n\nimport { createLocalStorageAdapter } from './local-storage-adapter'\nimport { getAppType } from './app-config'\n\nexport interface EmbedProxyAuth {\n  secret: string\n  email: string\n  /** Optional identity passthrough — empty/omitted = not sent. Server\n   *  parses these as `X-Chat-{First,Last}-Name` / `X-Chat-Avatar-Url` and\n   *  threads them through `resolveChatProxyIdentity`'s returned user. */\n  firstName?: string\n  lastName?: string\n  avatarUrl?: string\n}\n\nfunction isValidPersistedAuth(value: unknown): value is EmbedProxyAuth {\n  if (!value || typeof value !== 'object') return false\n  const v = value as Record<string, unknown>\n  if (\n    typeof v.secret !== 'string' || v.secret.trim().length === 0 ||\n    typeof v.email !== 'string' || v.email.trim().length === 0\n  ) return false\n  // Optional fields: when present must be strings. Empty string is treated\n  // as absent later (in `getEmbedProxyAuth`).\n  if (v.firstName != null && typeof v.firstName !== 'string') return false\n  if (v.lastName != null && typeof v.lastName !== 'string') return false\n  if (v.avatarUrl != null && typeof v.avatarUrl !== 'string') return false\n  return true\n}\n\nconst adapter = createLocalStorageAdapter<EmbedProxyAuth>({\n  // Storage key unchanged from the legacy chat-prefixed helper. Renaming\n  // it would silently log every existing admin out — the key is a\n  // storage contract, not a code identifier.\n  key: 'chat.proxy-auth.v1',\n  namespace: () => getAppType(),\n  validate: isValidPersistedAuth,\n  logTag: '[embed-proxy-auth-storage]',\n  // localStorage — survives tab close, new tabs, and browser restarts.\n  // Admin re-pasting creds every tab cycle was the dev-experience\n  // tradeoff prior `sessionStorage` setup demanded — rejected. See\n  // file-level doc comment for the security tradeoff rationale.\n  backend: 'local',\n})\n\n/** Trim + null-coerce an optional identity field so consumers can do\n *  `auth.firstName ?? ''` without worrying about whitespace-only strings. */\nfunction normalizeOptional(value: string | undefined): string | undefined {\n  if (!value) return undefined\n  const trimmed = value.trim()\n  return trimmed.length > 0 ? trimmed : undefined\n}\n\n/**\n * Returns full credentials (secret + email + optional identity passthrough)\n * when secret + email are available. Returns `null` when nothing is saved —\n * callers treat that as \"fall back to cookie auth\".\n */\nexport function getEmbedProxyAuth(): EmbedProxyAuth | null {\n  const persisted = adapter.load()\n  if (!persisted) return null\n  return {\n    secret: persisted.secret,\n    email: persisted.email.trim().toLowerCase(),\n    firstName: normalizeOptional(persisted.firstName),\n    lastName: normalizeOptional(persisted.lastName),\n    avatarUrl: normalizeOptional(persisted.avatarUrl),\n  }\n}\n\n/**\n * Returns the LAST email the admin saved. The proxy creds bar reads\n * this to pre-fill the email field on mount.\n */\nexport function getPersistedProxyEmail(): string | null {\n  const persisted = adapter.load()\n  return persisted?.email.trim().toLowerCase() ?? null\n}\n\n/** Save the proxy creds. Secret + email are required; identity-passthrough\n *  fields are persisted only when non-empty. */\nexport function setEmbedProxyAuth(value: EmbedProxyAuth): void {\n  adapter.save({\n    secret: value.secret,\n    email: value.email.trim().toLowerCase(),\n    firstName: normalizeOptional(value.firstName),\n    lastName: normalizeOptional(value.lastName),\n    avatarUrl: normalizeOptional(value.avatarUrl),\n  })\n}\n\n/** Drop the persisted creds. */\nexport function clearEmbedProxyAuth(): void {\n  adapter.clear()\n}\n\n/**\n * Apply the embed-proxy auth (Bearer + X-Chat-Act-As) to a fetch call's\n * URL + headers. Used by every embedded-surface route that needs to\n * identify itself as the proxied customer (chat stream, agent-* routes,\n * ticket-center actions). When proxy auth is absent (regular\n * cookie-session users), returns the inputs unchanged so the cookie-auth\n * path still works.\n *\n * `X-Chat-Act-As` header (vs a URL query param) keeps PII out of access\n * logs, Sentry breadcrumbs, browser history, and CDN analytics.\n */\nexport function applyProxyAuth(\n  url: string,\n  baseHeaders: Record<string, string> = { 'Content-Type': 'application/json' },\n): { url: string; headers: Record<string, string> } {\n  const auth = getEmbedProxyAuth()\n  const headers = { ...baseHeaders }\n  if (auth?.secret) {\n    headers.Authorization = `Bearer ${auth.secret}`\n  }\n  if (auth?.email) {\n    headers['X-Chat-Act-As'] = auth.email\n  }\n  // Optional identity passthrough — only attached when present so the\n  // server's \"required vs optional\" header shape stays exact.\n  if (auth?.firstName) headers['X-Chat-First-Name'] = auth.firstName\n  if (auth?.lastName) headers['X-Chat-Last-Name'] = auth.lastName\n  if (auth?.avatarUrl) headers['X-Chat-Avatar-Url'] = auth.avatarUrl\n  return { url, headers }\n}\n","'use client'\n\n/**\n * Shared `fetch` wrapper for any embedded surface (chat, ticket center,\n * future widgets) that needs to carry the bearer-act-as identity\n * (proxy `Authorization` + `X-Chat-Act-As` headers from\n * `embed-proxy-auth-storage.ts`).\n *\n * Wire header names are `X-Chat-*` for historical reasons — that's a\n * server contract, not a UI namespace. The wrapper itself is generic.\n *\n * Drop-in replacement for `fetch()` — `Authorization` / `X-Chat-Act-As`\n * are merged into `init.headers` when proxy creds are stashed in\n * sessionStorage, otherwise the call falls through to the cookie-auth\n * path unchanged.\n *\n * Use this for any client-side fetch hitting `/api/chat/*`, `/api/docs/chat/*`,\n * or `/api/storage/generate-upload-url` (chat-attachment surface — shared\n * with the ticket center). Routes that do NOT need bearer-act-as\n * (e.g. `/api/profile/me`) keep using vanilla `fetch`.\n */\n\nimport { applyProxyAuth } from './embed-proxy-auth-storage'\n\n// =============================================================================\n// Host-supplied auth adapter (opt-in)\n// =============================================================================\n\n/**\n * Hosts that have their own auth model (cookie sessions, app-specific\n * JWT in localStorage, OAuth access tokens, …) can register an adapter\n * to override the lib's default `embedProxyAuth` flow. When set, the\n * adapter's `getHeaders()` result is merged onto every `embedAuthedFetch`\n * call AFTER the default proxy-auth header step (so adapter headers\n * win over both caller and proxy values), and `credentials` overrides\n * the default `'same-origin'` behaviour.\n *\n * Default (no adapter): MPH-style proxy-impersonation — bearer + act-as\n * read from localStorage, `credentials: 'same-origin'`. No consumer\n * needs to touch this unless they want a different auth model.\n *\n * Use cases:\n *   - openframe-frontend has its own JWT in `localStorage.of_access_token`\n *     and cookie-based session; register an adapter to attach the JWT\n *     and request `credentials: 'include'` so cookies travel cross-origin\n *     to the openframe gateway.\n *   - Future embed hosts with OAuth access tokens, signed URLs, etc.\n *\n * Lifetime: setter is module-level (intentionally — `embedAuthedFetch`\n * is a plain utility, not a hook, so it can't read React context). Host\n * runtime providers should call `setEmbedAuthAdapter(...)` on mount and\n * `setEmbedAuthAdapter(null)` on unmount. Multiple hosts registering at\n * once is a programming error (one chat panel per app).\n */\nexport interface EmbedAuthAdapter {\n  /** Headers merged onto every embedded-fetch call. Return `{}` to add\n   *  nothing. Called per-request so reactive token refresh sees the latest\n   *  value from your auth store / storage. Values typed as\n   *  `string | undefined` so the common narrowed shape\n   *  `{ Authorization: token ? 'Bearer …' : undefined }` (or a conditional\n   *  `token ? { Authorization: … } : {}`) assigns cleanly — `undefined`\n   *  values are filtered before being merged into the request headers. */\n  getHeaders?: () => Record<string, string | undefined>\n  /** `RequestInit.credentials` mode. Default when no adapter: callers'\n   *  `init.credentials` or `'same-origin'`. Use `'include'` for cookie\n   *  auth against a different origin (CORS + `SameSite=None` required). */\n  credentials?: RequestCredentials\n  /**\n   * Optional 401 self-heal. When a request comes back `401`,\n   * `embedAuthedFetch` calls this once, and — if it resolves `true` —\n   * retries the SAME request exactly once with freshly-recomputed\n   * headers (so a rotated bearer from `getHeaders()` is picked up).\n   * Resolve `false` to surface the 401 to the caller unchanged.\n   *\n   * This is the capability the openframe `apiClient` has had all along\n   * (refresh-the-access-token-then-retry); registering it here gives the\n   * embedded chat/ticket surfaces the same self-healing auth instead of\n   * dying on an expired token. Concurrent 401s are de-duplicated by the\n   * wrapper, so this fires at most once per refresh cycle even when a\n   * stampede of chat requests all expire together — your implementation\n   * does NOT need its own in-flight guard (though a token-refresh manager\n   * that already dedups is harmless).\n   *\n   * Keep it idempotent and side-effect-light: on failure the wrapper just\n   * returns the original 401 — logout/redirect decisions belong to the\n   * host's own auth layer, not to this fetch wrapper.\n   */\n  refresh?: () => Promise<boolean>\n}\n\n/**\n * The registered adapter is parked on `globalThis`, NOT in a module-private\n * `let`. Reason: this lib ships multiple entry points (`/utils`,\n * `/components/chat`, …) and a consumer's bundler can inline this file into\n * more than one chunk — giving each chunk its OWN module scope. If the host\n * calls `setEmbedAuthAdapter` from the `/utils` copy while the chat's\n * `embedAuthedFetch` runs from the `/components/chat` copy, a module-local\n * `let` would be set on one copy and read as `null` on the other (the exact\n * \"credentials: same-origin, no Bearer, no refresh\" symptom). A single\n * `globalThis` slot is shared across every copy, so registration always\n * reaches the fetch path.\n */\nconst ADAPTER_GLOBAL_KEY = '__embedAuthedFetchAdapter__'\n\nfunction getRegisteredAuthAdapter(): EmbedAuthAdapter | null {\n  if (typeof globalThis === 'undefined') return null\n  return (globalThis as Record<string, unknown>)[ADAPTER_GLOBAL_KEY] as EmbedAuthAdapter | null ?? null\n}\n\nfunction storeRegisteredAuthAdapter(adapter: EmbedAuthAdapter | null): void {\n  if (typeof globalThis === 'undefined') return\n  ;(globalThis as Record<string, unknown>)[ADAPTER_GLOBAL_KEY] = adapter\n}\n\n/**\n * Register a host-owned auth adapter for `embedAuthedFetch`. Pass `null`\n * to clear (typically on provider unmount).\n *\n * Module-level state — there is one chat panel per app, so a single\n * registration is sufficient. Calling this twice with different non-null\n * adapters replaces the previous one (the most recent registration wins);\n * a `console.warn` flags the overwrite so duplicate-provider mounts get\n * caught in dev.\n */\nexport function setEmbedAuthAdapter(adapter: EmbedAuthAdapter | null): void {\n  if (adapter && getRegisteredAuthAdapter() && process.env.NODE_ENV !== 'production') {\n    console.warn(\n      '[setEmbedAuthAdapter] overwriting a previously-registered auth ' +\n        'adapter. Two chat-runtime providers should not coexist — verify ' +\n        'mount order and pass `null` from the unmounting provider.',\n    )\n  }\n  storeRegisteredAuthAdapter(adapter)\n}\n\n/**\n * Whether a host auth adapter is currently registered. Lets sibling helpers\n * (e.g. `contentFetch`) route through `embedAuthedFetch` ONLY when a host has\n * opted into embedded auth, and stay a plain `fetch` otherwise — so there's a\n * single auth knob (the adapter), not a second content-fetch registration.\n */\nexport function hasEmbedAuthAdapter(): boolean {\n  return getRegisteredAuthAdapter() !== null\n}\n\n/**\n * `fetch` wrapper that attaches embed-proxy bearer headers (when\n * present in sessionStorage) and forces `credentials: 'same-origin'`\n * so Supabase auth cookies travel too.\n *\n * **Header merge direction (proxy WINS over caller):** the implementation\n * spreads `baseHeaders` first inside `applyProxyAuth`, then sets the\n * `Authorization` / `X-Chat-*` keys — so the proxy values take precedence\n * over anything the caller passed. The motivation is that the bearer +\n * act-as identity is the source of truth for embedded auth; a caller\n * accidentally passing a stale `Authorization` header should NOT override\n * the live proxy creds.\n *\n * **Cross-origin defense:** the wrapper assumes a same-origin `/api/…`\n * relative URL. Absolute URLs are accepted only when their origin matches\n * the current window's origin; cross-origin URLs throw before the bearer\n * leaves the page. This is a defense-in-depth guard for future call sites\n * — there is no legitimate cross-origin use of this fetch wrapper.\n *\n * **401 self-heal:** when a registered adapter supplies `refresh`, a `401`\n * response triggers a single token refresh + retry of the same request\n * (see `EmbedAuthAdapter.refresh`). This is the openframe `apiClient`'s\n * refresh-then-retry behaviour, lifted into the lib so embedded surfaces\n * no longer need a host-side `window.fetch` monkey-patch to survive an\n * expired access token mid-chat. With no adapter (or no `refresh`), the\n * 401 passes straight through unchanged.\n */\nexport function embedAuthedFetch(url: string, init: RequestInit = {}): Promise<Response> {\n  // Same-origin guard runs SYNCHRONOUSLY (not awaited inside the async\n  // helper below) so a bearer-leaking cross-origin URL throws before any\n  // promise is created — callers and tests rely on the synchronous throw.\n  assertSameOrigin(url)\n\n  // `applyProxyAuth` accepts `Record<string, string>`; normalize the\n  // caller's headers to that shape ONCE, up front. RequestInit accepts\n  // `HeadersInit` which is broader (Headers instance OR array of tuples).\n  // We re-derive the per-request headers from this base on every attempt\n  // (initial + post-refresh retry) so a rotated bearer is picked up.\n  //\n  // When the caller passes no headers, fall back to the same default\n  // `applyProxyAuth` uses internally — `Content-Type: application/json` —\n  // so JSON POSTs keep their content-type when only `embedAuthedFetch(url)`\n  // is used at the call site. GET callers that explicitly want no body\n  // headers can pass `init.headers = {}` to opt out.\n  let baseHeaders: Record<string, string>\n  if (init.headers === undefined) {\n    baseHeaders = { 'Content-Type': 'application/json' }\n  } else {\n    baseHeaders = {}\n    if (init.headers instanceof Headers) {\n      init.headers.forEach((v, k) => {\n        baseHeaders[k] = v\n      })\n    } else if (Array.isArray(init.headers)) {\n      for (const [k, v] of init.headers) baseHeaders[k] = v\n    } else {\n      Object.assign(baseHeaders, init.headers as Record<string, string>)\n    }\n  }\n\n  return fetchWithRefresh(url, init, baseHeaders, false)\n}\n\n/**\n * Single in-flight refresh shared across all concurrent `embedAuthedFetch`\n * callers. A stampede of chat requests that all 401 at the same moment must\n * trigger the adapter's `refresh()` ONCE, not N times — otherwise an\n * expiring session fires a thundering herd of refresh calls at the auth\n * server. Resets to `null` once settled so the next genuine expiry can\n * refresh again.\n */\n// Stored on `globalThis` rather than a module-local so the \"single refresh\"\n// guarantee survives module duplication. Bundlers can ship more than one copy\n// of this module (e.g. across chunks or a host + embedded build); a per-module\n// variable would let each copy run its own refresh cycle, re-creating the\n// thundering-herd this dedupe exists to prevent.\nconst IN_FLIGHT_REFRESH_GLOBAL_KEY = '__embedAuthedFetchInFlightRefresh__'\n\nfunction getInFlightRefresh(): Promise<boolean> | null {\n  if (typeof globalThis === 'undefined') return null\n  return (\n    ((globalThis as Record<string, unknown>)[IN_FLIGHT_REFRESH_GLOBAL_KEY] as\n      | Promise<boolean>\n      | null\n      | undefined) ?? null\n  )\n}\n\nfunction setInFlightRefresh(refresh: Promise<boolean> | null): void {\n  if (typeof globalThis === 'undefined') return\n  ;(globalThis as Record<string, unknown>)[IN_FLIGHT_REFRESH_GLOBAL_KEY] = refresh\n}\n\nfunction dedupedRefresh(): Promise<boolean> {\n  const adapter = getRegisteredAuthAdapter()\n  if (!adapter?.refresh) return Promise.resolve(false)\n  let inFlightRefresh = getInFlightRefresh()\n  if (!inFlightRefresh) {\n    // Wrap in `Promise.resolve` so an adapter that throws synchronously\n    // (rather than rejecting) still funnels through the shared slot and\n    // clears it. A rejected refresh is treated as \"could not refresh\".\n    inFlightRefresh = Promise.resolve()\n      .then(() => adapter.refresh!())\n      .catch(() => false)\n      .finally(() => {\n        setInFlightRefresh(null)\n      })\n    setInFlightRefresh(inFlightRefresh)\n  }\n  return inFlightRefresh\n}\n\n/**\n * Core fetch path: merge proxy-auth + adapter headers, issue the request,\n * and — on a `401` with a refresh-capable adapter — refresh once and retry\n * the identical request a single time. Mirrors the openframe `apiClient`'s\n * refresh-then-retry contract (`isRetry` guards against infinite loops).\n */\nasync function fetchWithRefresh(\n  url: string,\n  init: RequestInit,\n  baseHeaders: Record<string, string>,\n  isRetry: boolean,\n): Promise<Response> {\n  // Re-run the merge each attempt: `applyProxyAuth` reads the latest stored\n  // proxy creds and `getHeaders()` reads the latest bearer, so a retry after\n  // refresh carries the rotated token rather than the stale one. `{...baseHeaders}`\n  // keeps the caller's normalized headers immutable across attempts.\n  const { url: authedUrl, headers } = applyProxyAuth(url, { ...baseHeaders })\n\n  // Host-supplied auth adapter layer. Runs AFTER the proxy-auth merge so\n  // adapter headers override both caller and proxy values — the adapter\n  // is the host's explicit \"this is my auth model\" override, intentionally\n  // last-writer-wins. When no adapter is registered, this is a zero-cost\n  // no-op (object spread of `{}`).\n  const adapter = getRegisteredAuthAdapter()\n  if (adapter?.getHeaders) {\n    // Filter `undefined` values — the adapter type allows them so consumers\n    // don't have to narrow `{ Authorization: token ? '…' : undefined }`-shaped\n    // returns, but `fetch` headers must be strings.\n    for (const [k, v] of Object.entries(adapter.getHeaders())) {\n      if (v !== undefined) headers[k] = v\n    }\n  }\n  const credentials = adapter?.credentials ?? init.credentials ?? 'same-origin'\n\n  const response = await fetch(authedUrl, {\n    ...init,\n    headers,\n    // Default `same-origin` carries Supabase cookies for the MPH proxy-\n    // auth model. Hosts on different origins (openframe-frontend ↔\n    // openframe gateway) register `credentials: 'include'` via the\n    // adapter to make their own cookies travel cross-origin (CORS +\n    // `SameSite=None` must be configured server-side for that to work).\n    credentials,\n  })\n\n  // 401 self-heal: refresh the token once and retry. Only when an adapter\n  // opted into `refresh`, and only on the first attempt — a 401 on the\n  // retry means the fresh token is also unauthorized, so surface it.\n  if (response.status === 401 && !isRetry && adapter?.refresh) {\n    const refreshed = await dedupedRefresh()\n    if (refreshed) {\n      return fetchWithRefresh(url, init, baseHeaders, true)\n    }\n  }\n\n  return response\n}\n\n/**\n * Reject any URL that resolves to a cross-origin destination or to a\n * non-http(s) scheme. Every input is resolved against\n * `window.location.href` so the same rule covers path-only\n * (`/api/...`), absolute (`https://...`), protocol-relative\n * (`//host/...`), AND whitespace-prefixed forms (`\\t//evil.com/...`) —\n * the WHATWG fetch spec strips leading ASCII whitespace before\n * parsing, so any regex-based \"skip relative\" shortcut is bypassable\n * with a leading `\\t`/`\\n`/`\\r`/space. We resolve unconditionally\n * instead and compare origins.\n *\n * Also blocks `javascript:` / `data:` / `blob:` etc. — only `http(s):`\n * is allowed. This is explicit allowlisting rather than relying on\n * `origin === 'null'` to fall out wrong.\n *\n * Server-side rendering: when `typeof window === 'undefined'` we skip\n * the check — the bearer comes from sessionStorage which doesn't exist\n * on the server, so there's nothing to leak anyway.\n */\nfunction assertSameOrigin(url: string): void {\n  if (typeof window === 'undefined') return\n  let target: URL\n  let pageOrigin: string\n  try {\n    target = new URL(url, window.location.href)\n    // Derive the page origin from `href` rather than reading\n    // `window.location.origin` directly so the check works in test\n    // environments that mock `window.location` to a plain object\n    // without an `origin` field (jsdom setups do this).\n    pageOrigin = new URL(window.location.href).origin\n  } catch {\n    throw new Error(`embedAuthedFetch: refusing to fetch malformed URL (${JSON.stringify(url)})`)\n  }\n  if (target.protocol !== 'http:' && target.protocol !== 'https:') {\n    throw new Error(\n      `embedAuthedFetch: refusing non-http(s) URL (${target.protocol}) — pass a relative /api/* path instead`,\n    )\n  }\n  if (target.origin !== pageOrigin) {\n    // Dev-mode escape hatch — embedded apps (e.g. openframe-frontend)\n    // run on a different origin from their gateway during local dev,\n    // and forcing a Next.js `rewrites()` workaround is more error-prone\n    // than relaxing the guard for the dev build. In production\n    // (`NODE_ENV === 'production'`) the guard stays absolute — same\n    // defense-in-depth bearer-leak protection as before. The check is\n    // baked at build time by Next/webpack/Turbopack so prod bundles\n    // contain only the throwing branch (no dev string in the artifact).\n    if (process.env.NODE_ENV !== 'production') {\n      console.warn(\n        `[embedAuthedFetch] cross-origin fetch to ${target.origin} ` +\n          `allowed in dev (NODE_ENV !== 'production'). Production builds ` +\n          `will reject this — wire a same-origin proxy before shipping.`,\n      )\n      return\n    }\n    throw new Error(\n      `embedAuthedFetch: refusing cross-origin fetch to ${target.origin} — pass a relative /api/* path instead`,\n    )\n  }\n}\n"]}