@floegence/floe-webapp-boot 0.35.58 → 0.35.59

package/dist/artifactSource.d.ts

@@ -0,0 +1,14 @@
+import type { ConnectArtifact, ConnectArtifactRequestConfig, EntryConnectArtifactRequestConfig } from '@floegence/flowersec-core/browser';
+export type ArtifactRequestContext = Readonly<{
+    signal?: AbortSignal;
+    traceId?: string;
+}>;
+export type ArtifactSourceKind = 'controlplane' | 'entry_controlplane' | 'fixed' | 'factory';
+export type ArtifactSource = Readonly<{
+    kind: ArtifactSourceKind;
+    getArtifact: (ctx: ArtifactRequestContext) => Promise<ConnectArtifact>;
+}>;
+export declare function createArtifactSourceFromFactory(getArtifact: (ctx: ArtifactRequestContext) => Promise<ConnectArtifact>, kind?: ArtifactSourceKind): ArtifactSource;
+export declare function createFixedArtifactSource(artifact: ConnectArtifact): ArtifactSource;
+export declare function createControlplaneArtifactSource(config: ConnectArtifactRequestConfig): ArtifactSource;
+export declare function createEntryControlplaneArtifactSource(config: EntryConnectArtifactRequestConfig): ArtifactSource;

package/dist/hash.d.ts

@@ -0,0 +1,4 @@
+export declare function base64UrlToBase64(s: string): string;
+export declare function parseHashParam(key: string): string | null;
+export declare function parseBase64UrlJsonFromHash<T>(key: string): T | null;
+export declare function clearLocationHash(): void;

package/dist/index.d.ts

@@ -1,15 +1,10 @@
-export type WaitForMessageOptions<T> = Readonly<{
-    expectedOrigins: string[];
-    expectedSource: Window;
-    timeoutMs?: number;
-    accept: (data: unknown) => T | null;
-}>;
-export declare function base64UrlToBase64(s: string): string;
-export declare function parseHashParam(key: string): string | null;
-export declare function parseBase64UrlJsonFromHash<T>(key: string): T | null;
-export declare function clearLocationHash(): void;
-export declare function getSessionStorage(key: string): string;
-export declare function setSessionStorage(key: string, value: string): void;
-export declare function removeSessionStorage(key: string): void;
-export declare function postMessageToOrigins(target: Window, origins: string[], message: unknown): void;
-export declare function waitForMessage<T>(opts: WaitForMessageOptions<T>): Promise<T>;
+export { base64UrlToBase64, clearLocationHash, parseBase64UrlJsonFromHash, parseHashParam, } from './hash';
+export type { WaitForMessageOptions } from './messaging';
+export { postMessageToOrigins, waitForMessage } from './messaging';
+export { getSessionStorage, removeSessionStorage, setSessionStorage } from './storage';
+export type { ArtifactRequestContext, ArtifactSource, ArtifactSourceKind, } from './artifactSource';
+export { createArtifactSourceFromFactory, createControlplaneArtifactSource, createEntryControlplaneArtifactSource, createFixedArtifactSource, } from './artifactSource';
+export type { DirectArtifactReconnectOptions, TunnelArtifactReconnectOptions, } from './reconnect';
+export { createArtifactDirectReconnectConfig, createArtifactTunnelReconnectConfig, createProxyRuntimeTunnelReconnectConfig, } from './reconnect';
+export type { ScopeEnvelope, ScopeResolver, ScopeResolverMap } from './scope';
+export { createBootstrapScopeResolvers, FLOWERSEC_BOOTSTRAP_SCOPE_RESOLVERS, PROXY_RUNTIME_SCOPE_NAME, validateProxyRuntimeScopeEntry, } from './scope';

package/dist/index.js

@@ -1,89 +1,28 @@
-function l(e) {
-  let t = String(e ?? "").replace(/-/g, "+").replace(/_/g, "/");
-  for (; t.length % 4 !== 0; ) t += "=";
-  return t;
-}
-function m(e) {
-  const t = String(e ?? "").trim();
-  if (!t) return null;
-  const r = String(window.location.hash ?? "").trim(), n = r.startsWith("#") ? r.slice(1) : r;
-  if (!n) return null;
-  try {
-    const o = new URLSearchParams(n);
-    return String(o.get(t) ?? "").trim() || null;
-  } catch {
-    return null;
-  }
-}
-function g(e) {
-  const t = m(e);
-  if (!t) return null;
-  try {
-    const r = atob(l(t));
-    return r ? JSON.parse(r) : null;
-  } catch {
-    return null;
-  }
-}
-function f() {
-  try {
-    history.replaceState(null, document.title, window.location.pathname + window.location.search);
-  } catch {
-  }
-}
-function h(e) {
-  try {
-    return String(sessionStorage.getItem(e) ?? "").trim();
-  } catch {
-    return "";
-  }
-}
-function w(e, t) {
-  try {
-    sessionStorage.setItem(e, t);
-  } catch {
-  }
-}
-function S(e) {
-  try {
-    sessionStorage.removeItem(e);
-  } catch {
-  }
-}
-function d(e, t, r) {
-  const n = Array.from(new Set((t ?? []).map((o) => String(o ?? "").trim()).filter(Boolean)));
-  for (const o of n)
-    try {
-      e.postMessage(r, o);
-    } catch {
-    }
-}
-function p(e) {
-  const t = Array.from(new Set((e.expectedOrigins ?? []).map((n) => String(n ?? "").trim()).filter(Boolean)));
-  if (t.length === 0) return Promise.reject(new Error("expectedOrigins is required"));
-  if (!e.expectedSource) return Promise.reject(new Error("expectedSource is required"));
-  const r = Math.max(0, Math.floor(e.timeoutMs ?? 8e3));
-  return new Promise((n, o) => {
-    const s = window.setTimeout(() => {
-      c(), o(new Error("Handshake timeout"));
-    }, r), a = (i) => {
-      if (!t.includes(i.origin) || i.source !== e.expectedSource) return;
-      const u = e.accept(i.data);
-      u != null && (c(), n(u));
-    }, c = () => {
-      window.clearTimeout(s), window.removeEventListener("message", a);
-    };
-    window.addEventListener("message", a);
-  });
-}
+import { base64UrlToBase64 as o, clearLocationHash as t, parseBase64UrlJsonFromHash as a, parseHashParam as c } from "./index2.js";
+import { postMessageToOrigins as s, waitForMessage as i } from "./index3.js";
+import { getSessionStorage as f, removeSessionStorage as p, setSessionStorage as m } from "./index4.js";
+import { createArtifactSourceFromFactory as l, createControlplaneArtifactSource as g, createEntryControlplaneArtifactSource as E, createFixedArtifactSource as x } from "./index5.js";
+import { createArtifactDirectReconnectConfig as A, createArtifactTunnelReconnectConfig as C, createProxyRuntimeTunnelReconnectConfig as O } from "./index6.js";
+import { FLOWERSEC_BOOTSTRAP_SCOPE_RESOLVERS as T, PROXY_RUNTIME_SCOPE_NAME as F, createBootstrapScopeResolvers as _, validateProxyRuntimeScopeEntry as y } from "./index7.js";
 export {
-  l as base64UrlToBase64,
-  f as clearLocationHash,
-  h as getSessionStorage,
-  g as parseBase64UrlJsonFromHash,
-  m as parseHashParam,
-  d as postMessageToOrigins,
-  S as removeSessionStorage,
-  w as setSessionStorage,
-  p as waitForMessage
+  T as FLOWERSEC_BOOTSTRAP_SCOPE_RESOLVERS,
+  F as PROXY_RUNTIME_SCOPE_NAME,
+  o as base64UrlToBase64,
+  t as clearLocationHash,
+  A as createArtifactDirectReconnectConfig,
+  l as createArtifactSourceFromFactory,
+  C as createArtifactTunnelReconnectConfig,
+  _ as createBootstrapScopeResolvers,
+  g as createControlplaneArtifactSource,
+  E as createEntryControlplaneArtifactSource,
+  x as createFixedArtifactSource,
+  O as createProxyRuntimeTunnelReconnectConfig,
+  f as getSessionStorage,
+  a as parseBase64UrlJsonFromHash,
+  c as parseHashParam,
+  s as postMessageToOrigins,
+  p as removeSessionStorage,
+  m as setSessionStorage,
+  y as validateProxyRuntimeScopeEntry,
+  i as waitForMessage
 };

package/dist/index10.js

@@ -0,0 +1,13 @@
+import { resolveProxyPreset as m, DEFAULT_PROXY_PRESET_MANIFEST as _, CODESERVER_PROXY_PRESET_MANIFEST as i } from "./index21.js";
+function t(s) {
+  const e = m(s);
+  return Object.freeze({
+    maxJsonFrameBytes: e.limits.max_json_frame_bytes,
+    maxChunkBytes: e.limits.max_chunk_bytes,
+    maxBodyBytes: e.limits.max_body_bytes,
+    maxWsFrameBytes: e.limits.max_ws_frame_bytes,
+    timeoutMs: e.limits.timeout_ms ?? 0
+  });
+}
+t(_);
+t(i);

package/dist/index11.js

@@ -0,0 +1,50 @@
+var i;
+(function(e) {
+  e[e.Suite_P256_HKDF_SHA256_AES_256_GCM = 2] = "Suite_P256_HKDF_SHA256_AES_256_GCM", e[e.Suite_X25519_HKDF_SHA256_AES_256_GCM = 1] = "Suite_X25519_HKDF_SHA256_AES_256_GCM";
+})(i || (i = {}));
+function o(e) {
+  return typeof e == "object" && e != null && !Array.isArray(e);
+}
+function r(e, n) {
+  if (typeof n != "string")
+    throw new Error(`bad ${e}`);
+  return n;
+}
+function _(e, n) {
+  if (typeof n != "number" || !Number.isSafeInteger(n))
+    throw new Error(`bad ${e}`);
+  return n;
+}
+function u(e, n) {
+  return _(e, n);
+}
+const c = /* @__PURE__ */ new Set([
+  2,
+  1
+]);
+function f(e, n) {
+  const t = _(e, n);
+  if (!c.has(t))
+    throw new Error(`bad ${e}`);
+  return t;
+}
+function a(e) {
+  if (!o(e))
+    throw new Error("bad DirectConnectInfo");
+  const n = e;
+  if (n.ws_url === void 0)
+    throw new Error("bad DirectConnectInfo.ws_url");
+  if (r("DirectConnectInfo.ws_url", n.ws_url), n.channel_id === void 0)
+    throw new Error("bad DirectConnectInfo.channel_id");
+  if (r("DirectConnectInfo.channel_id", n.channel_id), n.e2ee_psk_b64u === void 0)
+    throw new Error("bad DirectConnectInfo.e2ee_psk_b64u");
+  if (r("DirectConnectInfo.e2ee_psk_b64u", n.e2ee_psk_b64u), n.channel_init_expire_at_unix_s === void 0)
+    throw new Error("bad DirectConnectInfo.channel_init_expire_at_unix_s");
+  if (u("DirectConnectInfo.channel_init_expire_at_unix_s", n.channel_init_expire_at_unix_s), n.default_suite === void 0)
+    throw new Error("bad DirectConnectInfo.default_suite");
+  return f("DirectConnectInfo.default_suite", n.default_suite), n;
+}
+export {
+  i as Suite,
+  a as assertDirectConnectInfo
+};

package/dist/index12.js

@@ -0,0 +1,6 @@
+import "./index22.js";
+import "./index23.js";
+import "./index24.js";
+import "./index25.js";
+new TextEncoder();
+new TextDecoder();

package/dist/index13.js

@@ -0,0 +1,2 @@
+import "./index9.js";
+BigInt(Number.MAX_SAFE_INTEGER);

package/dist/index14.js

@@ -0,0 +1 @@
+new TextEncoder();

package/dist/index15.js

@@ -0,0 +1,7 @@
+var r;
+(function(e) {
+  e[e.Role_client = 1] = "Role_client", e[e.Role_server = 2] = "Role_server";
+})(r || (r = {}));
+export {
+  r as Role
+};

package/dist/index16.js

@@ -0,0 +1,83 @@
+var a;
+(function(e) {
+  e[e.Role_client = 1] = "Role_client", e[e.Role_server = 2] = "Role_server";
+})(a || (a = {}));
+var _;
+(function(e) {
+  e[e.Suite_P256_HKDF_SHA256_AES_256_GCM = 2] = "Suite_P256_HKDF_SHA256_AES_256_GCM", e[e.Suite_X25519_HKDF_SHA256_AES_256_GCM = 1] = "Suite_X25519_HKDF_SHA256_AES_256_GCM";
+})(_ || (_ = {}));
+function l(e) {
+  return typeof e == "object" && e != null && !Array.isArray(e);
+}
+function r(e, n) {
+  if (typeof n != "string")
+    throw new Error(`bad ${e}`);
+  return n;
+}
+function i(e, n) {
+  if (typeof n != "number" || !Number.isSafeInteger(n))
+    throw new Error(`bad ${e}`);
+  return n;
+}
+function u(e, n) {
+  const t = i(e, n);
+  if (t < -2147483648 || t > 2147483647)
+    throw new Error(`bad ${e}`);
+  return t;
+}
+function s(e, n) {
+  return i(e, n);
+}
+const d = /* @__PURE__ */ new Set([
+  1,
+  2
+]);
+function h(e, n) {
+  const t = i(e, n);
+  if (!d.has(t))
+    throw new Error(`bad ${e}`);
+  return t;
+}
+const f = /* @__PURE__ */ new Set([
+  2,
+  1
+]);
+function o(e, n) {
+  const t = i(e, n);
+  if (!f.has(t))
+    throw new Error(`bad ${e}`);
+  return t;
+}
+function w(e) {
+  if (!l(e))
+    throw new Error("bad ChannelInitGrant");
+  const n = e;
+  if (n.tunnel_url === void 0)
+    throw new Error("bad ChannelInitGrant.tunnel_url");
+  if (r("ChannelInitGrant.tunnel_url", n.tunnel_url), n.channel_id === void 0)
+    throw new Error("bad ChannelInitGrant.channel_id");
+  if (r("ChannelInitGrant.channel_id", n.channel_id), n.channel_init_expire_at_unix_s === void 0)
+    throw new Error("bad ChannelInitGrant.channel_init_expire_at_unix_s");
+  if (s("ChannelInitGrant.channel_init_expire_at_unix_s", n.channel_init_expire_at_unix_s), n.idle_timeout_seconds === void 0)
+    throw new Error("bad ChannelInitGrant.idle_timeout_seconds");
+  if (u("ChannelInitGrant.idle_timeout_seconds", n.idle_timeout_seconds), n.role === void 0)
+    throw new Error("bad ChannelInitGrant.role");
+  if (h("ChannelInitGrant.role", n.role), n.token === void 0)
+    throw new Error("bad ChannelInitGrant.token");
+  if (r("ChannelInitGrant.token", n.token), n.e2ee_psk_b64u === void 0)
+    throw new Error("bad ChannelInitGrant.e2ee_psk_b64u");
+  if (r("ChannelInitGrant.e2ee_psk_b64u", n.e2ee_psk_b64u), n.allowed_suites === void 0)
+    throw new Error("bad ChannelInitGrant.allowed_suites");
+  if (!Array.isArray(n.allowed_suites))
+    throw new Error("bad ChannelInitGrant.allowed_suites");
+  for (let t = 0; t < n.allowed_suites.length; t++)
+    o("ChannelInitGrant.allowed_suites[]", n.allowed_suites[t]);
+  if (n.default_suite === void 0)
+    throw new Error("bad ChannelInitGrant.default_suite");
+  return o("ChannelInitGrant.default_suite", n.default_suite), n;
+}
+export {
+  a as Role,
+  _ as Suite,
+  w as assertChannelInitGrant
+};

package/dist/index17.js

@@ -0,0 +1,195 @@
+import { assertChannelInitGrant as b, Role as E } from "./index16.js";
+import { assertDirectConnectInfo as C } from "./index11.js";
+const u = /^[a-z][a-z0-9._-]{0,63}$/, h = /^[a-z][a-z0-9._-]{0,31}$/, l = /^[A-Za-z0-9._~-]{8,128}$/, _ = new TextEncoder(), A = /* @__PURE__ */ new Set(["v", "transport", "tunnel_grant", "scoped", "correlation"]), S = /* @__PURE__ */ new Set(["v", "transport", "direct_info", "scoped", "correlation"]);
+function a(r) {
+  return typeof r == "object" && r != null && !Array.isArray(r);
+}
+function p(r, t) {
+  return Object.prototype.hasOwnProperty.call(r, t);
+}
+function c(r, t, n) {
+  for (const e of Object.keys(t))
+    if (!n.has(e))
+      throw new Error(`bad ${r}.${e}`);
+}
+function g(r, t, n, e) {
+  if (typeof t != "number" || !Number.isSafeInteger(t))
+    throw new Error(`bad ${r}`);
+  if (t < n || t > e)
+    throw new Error(`bad ${r}`);
+  return t;
+}
+function f(r) {
+  return _.encode(r).length;
+}
+function O(r) {
+  return m(d(r));
+}
+function d(r) {
+  if (r === null)
+    return null;
+  switch (typeof r) {
+    case "string":
+    case "boolean":
+      return r;
+    case "number":
+      if (!Number.isFinite(r))
+        throw new Error("bad payload.number");
+      return r;
+    case "object": {
+      if (Array.isArray(r))
+        return r.map((n) => d(n));
+      if (!a(r))
+        throw new Error("bad payload.object");
+      const t = {};
+      for (const n of Object.keys(r).sort())
+        t[n] = d(r[n]);
+      return t;
+    }
+    default:
+      throw new Error("bad payload.value");
+  }
+}
+function m(r) {
+  return JSON.stringify(r);
+}
+function w(r) {
+  if (Array.isArray(r)) {
+    let t = 1;
+    for (const n of r)
+      t = Math.max(t, 1 + w(n));
+    return t;
+  }
+  if (a(r)) {
+    let t = 1;
+    for (const n of Object.values(r))
+      t = Math.max(t, 1 + w(n));
+    return t;
+  }
+  return 0;
+}
+function y(r) {
+  if (typeof r != "string")
+    return;
+  const t = r.trim();
+  if (l.test(t))
+    return t;
+}
+function z(r) {
+  if (!a(r))
+    throw new Error("bad CorrelationKV");
+  if (c("CorrelationKV", r, /* @__PURE__ */ new Set(["key", "value"])), typeof r.key != "string" || !h.test(r.key))
+    throw new Error("bad CorrelationKV.key");
+  if (typeof r.value != "string")
+    throw new Error("bad CorrelationKV.value");
+  if (f(r.key) > 32)
+    throw new Error("bad CorrelationKV.key");
+  if (f(r.value) > 128)
+    throw new Error("bad CorrelationKV.value");
+  return Object.freeze({ key: r.key, value: r.value });
+}
+function j(r) {
+  if (!a(r))
+    throw new Error("bad CorrelationContext");
+  if (c("CorrelationContext", r, /* @__PURE__ */ new Set(["v", "trace_id", "session_id", "tags"])), r.v !== 1)
+    throw new Error("bad CorrelationContext.v");
+  const t = r.tags;
+  if (t !== void 0 && !Array.isArray(t))
+    throw new Error("bad CorrelationContext.tags");
+  const n = (t ?? []).map((i) => z(i)), e = /* @__PURE__ */ new Set();
+  for (const i of n) {
+    if (e.has(i.key))
+      throw new Error("bad CorrelationContext.tags");
+    e.add(i.key);
+  }
+  if (n.length > 8)
+    throw new Error("bad CorrelationContext.tags");
+  const o = y(r.trace_id), s = y(r.session_id);
+  return Object.freeze({
+    v: 1,
+    ...o === void 0 ? {} : { trace_id: o },
+    ...s === void 0 ? {} : { session_id: s },
+    tags: Object.freeze(n)
+  });
+}
+function k(r) {
+  if (!a(r))
+    throw new Error("bad ScopeMetadataEntry.payload");
+  const t = O(r);
+  if (f(t) > 8192)
+    throw new Error("bad ScopeMetadataEntry.payload");
+  if (w(r) > 8)
+    throw new Error("bad ScopeMetadataEntry.payload");
+  return r;
+}
+function T(r) {
+  if (!a(r))
+    throw new Error("bad ScopeMetadataEntry");
+  if (c("ScopeMetadataEntry", r, /* @__PURE__ */ new Set(["scope", "scope_version", "critical", "payload"])), typeof r.scope != "string" || !u.test(r.scope))
+    throw new Error("bad ScopeMetadataEntry.scope");
+  if (typeof r.critical != "boolean")
+    throw new Error("bad ScopeMetadataEntry.critical");
+  const t = g("ScopeMetadataEntry.scope_version", r.scope_version, 1, 65535), n = k(r.payload);
+  return Object.freeze({
+    scope: r.scope,
+    scope_version: t,
+    critical: r.critical,
+    payload: n
+  });
+}
+function I(r) {
+  if (!Array.isArray(r))
+    throw new Error("bad ConnectArtifact.scoped");
+  if (r.length > 8)
+    throw new Error("bad ConnectArtifact.scoped");
+  const t = r.map((e) => T(e)), n = /* @__PURE__ */ new Set();
+  for (const e of t) {
+    if (n.has(e.scope))
+      throw new Error("bad ConnectArtifact.scoped");
+    n.add(e.scope);
+  }
+  return Object.freeze(t);
+}
+function x(r) {
+  if (!a(r))
+    throw new Error("bad ConnectArtifact");
+  return r;
+}
+function M(r) {
+  if (r !== "tunnel" && r !== "direct")
+    throw new Error("bad ConnectArtifact.transport");
+  return r;
+}
+function K(r) {
+  const t = x(r);
+  if (t.v !== 1)
+    throw new Error("bad ConnectArtifact.v");
+  const n = M(t.transport), e = t.scoped === void 0 ? void 0 : I(t.scoped), o = t.correlation === void 0 ? void 0 : j(t.correlation);
+  if (n === "tunnel") {
+    if (c("TunnelClientConnectArtifact", t, A), !p(t, "tunnel_grant"))
+      throw new Error("bad TunnelClientConnectArtifact.tunnel_grant");
+    const i = b(t.tunnel_grant);
+    if (i.role !== E.Role_client)
+      throw new Error("bad TunnelClientConnectArtifact.tunnel_grant.role");
+    return Object.freeze({
+      v: 1,
+      transport: n,
+      tunnel_grant: i,
+      ...e === void 0 ? {} : { scoped: e },
+      ...o === void 0 ? {} : { correlation: o }
+    });
+  }
+  if (c("DirectClientConnectArtifact", t, S), !p(t, "direct_info"))
+    throw new Error("bad DirectClientConnectArtifact.direct_info");
+  const s = C(t.direct_info);
+  return Object.freeze({
+    v: 1,
+    transport: n,
+    direct_info: s,
+    ...e === void 0 ? {} : { scoped: e },
+    ...o === void 0 ? {} : { correlation: o }
+  });
+}
+export {
+  K as assertConnectArtifact
+};

package/dist/index18.js

@@ -0,0 +1,148 @@
+import { assertProxyPresetManifest as u } from "./index21.js";
+const x = /^[a-z][a-z0-9._-]{0,63}$/, w = 8 * 1024, h = 8, B = 64, b = 4 * 1024;
+function i(r) {
+  return typeof r == "object" && r != null && !Array.isArray(r);
+}
+function d(r, e, t) {
+  const o = new Set(t);
+  for (const n of Object.keys(e))
+    if (!o.has(n))
+      throw new Error(`bad ${r}.${n}`);
+}
+function s(r, e) {
+  if (typeof e != "number" || !Number.isSafeInteger(e) || e <= 0)
+    throw new Error(`bad ${r}`);
+  return e;
+}
+function a(r) {
+  return new TextEncoder().encode(r).length;
+}
+function c(r) {
+  if (Array.isArray(r)) {
+    let e = 1;
+    for (const t of r)
+      e = Math.max(e, 1 + c(t));
+    return e;
+  }
+  if (i(r)) {
+    let e = 1;
+    for (const t of Object.values(r))
+      e = Math.max(e, 1 + c(t));
+    return e;
+  }
+  return 0;
+}
+function f(r) {
+  return Array.isArray(r) ? r.reduce((e, t) => e + f(t), 0) : i(r) ? Object.entries(r).reduce((e, [, t]) => e + 1 + f(t), 0) : 0;
+}
+function E(r) {
+  if (!i(r))
+    throw new Error("bad proxy.runtime.payload");
+  if (a(JSON.stringify(r)) > w)
+    throw new Error("bad proxy.runtime.payload");
+  if (c(r) > h)
+    throw new Error("bad proxy.runtime.payload");
+  if (f(r) > B)
+    throw new Error("bad proxy.runtime.payload");
+  return r;
+}
+function l(r) {
+  if (!i(r))
+    throw new Error("bad proxy.runtime.serviceWorker");
+  d("proxy.runtime.serviceWorker", r, ["scriptUrl", "scope"]);
+  const e = String(r.scriptUrl ?? "").trim(), t = String(r.scope ?? "").trim();
+  if (e === "")
+    throw new Error("bad proxy.runtime.serviceWorker.scriptUrl");
+  if (t === "")
+    throw new Error("bad proxy.runtime.serviceWorker.scope");
+  return Object.freeze({ scriptUrl: e, scope: t });
+}
+function g(r) {
+  if (!Array.isArray(r))
+    throw new Error("bad proxy.runtime.controllerBridge.allowedOrigins");
+  const e = [], t = /* @__PURE__ */ new Set();
+  for (const o of r) {
+    const n = String(o ?? "").trim();
+    n === "" || t.has(n) || (t.add(n), e.push(n));
+  }
+  if (e.length === 0)
+    throw new Error("bad proxy.runtime.controllerBridge.allowedOrigins");
+  return Object.freeze(e);
+}
+function O(r) {
+  if (!i(r))
+    throw new Error("bad proxy.runtime.controllerBridge");
+  return d("proxy.runtime.controllerBridge", r, ["allowedOrigins"]), Object.freeze({
+    allowedOrigins: g(r.allowedOrigins)
+  });
+}
+function k(r) {
+  if (!i(r))
+    throw new Error("bad proxy.runtime.limits");
+  d("proxy.runtime.limits", r, [
+    "timeoutMs",
+    "maxJsonFrameBytes",
+    "maxChunkBytes",
+    "maxBodyBytes",
+    "maxWsFrameBytes"
+  ]);
+  const e = {};
+  return r.timeoutMs !== void 0 && (e.timeoutMs = s("proxy.runtime.limits.timeoutMs", r.timeoutMs)), r.maxJsonFrameBytes !== void 0 && (e.maxJsonFrameBytes = s("proxy.runtime.limits.maxJsonFrameBytes", r.maxJsonFrameBytes)), r.maxChunkBytes !== void 0 && (e.maxChunkBytes = s("proxy.runtime.limits.maxChunkBytes", r.maxChunkBytes)), r.maxBodyBytes !== void 0 && (e.maxBodyBytes = s("proxy.runtime.limits.maxBodyBytes", r.maxBodyBytes)), r.maxWsFrameBytes !== void 0 && (e.maxWsFrameBytes = s("proxy.runtime.limits.maxWsFrameBytes", r.maxWsFrameBytes)), Object.freeze(e);
+}
+function S(r) {
+  if (!i(r))
+    throw new Error("bad proxy.runtime.preset");
+  d("proxy.runtime.preset", r, ["presetId", "snapshot"]);
+  const e = String(r.presetId ?? "").trim();
+  if (!x.test(e))
+    throw new Error("bad proxy.runtime.preset.presetId");
+  if (r.snapshot === void 0)
+    return Object.freeze({ presetId: e });
+  const t = u(r.snapshot);
+  if (a(JSON.stringify(t)) > b)
+    throw new Error("bad proxy.runtime.preset.snapshot");
+  return Object.freeze({ presetId: e, snapshot: t });
+}
+function M(r) {
+  const e = E(r);
+  d("proxy.runtime", e, [
+    "mode",
+    "appBasePath",
+    "serviceWorker",
+    "controllerBridge",
+    "preset",
+    "limits"
+  ]);
+  const t = e.mode;
+  if (t !== "service_worker" && t !== "controller_bridge")
+    throw new Error("bad proxy.runtime.mode");
+  const o = e.appBasePath === void 0 ? void 0 : String(e.appBasePath ?? "").trim();
+  if (e.appBasePath !== void 0 && o === "")
+    throw new Error("bad proxy.runtime.appBasePath");
+  const n = S(e.preset), m = e.limits === void 0 ? void 0 : k(e.limits);
+  if (t === "service_worker") {
+    if (e.controllerBridge !== void 0)
+      throw new Error("bad proxy.runtime.controllerBridge");
+    const p = l(e.serviceWorker);
+    return Object.freeze({
+      mode: t,
+      ...o === void 0 ? {} : { appBasePath: o },
+      serviceWorker: p,
+      preset: n,
+      ...m === void 0 ? {} : { limits: m }
+    });
+  }
+  if (e.serviceWorker !== void 0)
+    throw new Error("bad proxy.runtime.serviceWorker");
+  const y = O(e.controllerBridge);
+  return Object.freeze({
+    mode: t,
+    ...o === void 0 ? {} : { appBasePath: o },
+    controllerBridge: y,
+    preset: n,
+    ...m === void 0 ? {} : { limits: m }
+  });
+}
+export {
+  M as assertProxyRuntimeScopeV1
+};

package/dist/index19.js

@@ -0,0 +1,3 @@
+import "./index9.js";
+new TextEncoder();
+new TextDecoder();

package/dist/index2.js

@@ -0,0 +1,39 @@
+function l(r) {
+  let t = String(r ?? "").replace(/-/g, "+").replace(/_/g, "/");
+  for (; t.length % 4 !== 0; ) t += "=";
+  return t;
+}
+function o(r) {
+  const t = String(r ?? "").trim();
+  if (!t) return null;
+  const n = String(window.location.hash ?? "").trim(), e = n.startsWith("#") ? n.slice(1) : n;
+  if (!e) return null;
+  try {
+    const a = new URLSearchParams(e);
+    return String(a.get(t) ?? "").trim() || null;
+  } catch {
+    return null;
+  }
+}
+function i(r) {
+  const t = o(r);
+  if (!t) return null;
+  try {
+    const n = atob(l(t));
+    return n ? JSON.parse(n) : null;
+  } catch {
+    return null;
+  }
+}
+function s() {
+  try {
+    history.replaceState(null, document.title, window.location.pathname + window.location.search);
+  } catch {
+  }
+}
+export {
+  l as base64UrlToBase64,
+  s as clearLocationHash,
+  i as parseBase64UrlJsonFromHash,
+  o as parseHashParam
+};

package/dist/index20.js

@@ -0,0 +1,6 @@
+const _ = 262144, A = 67108864, E = 1048576;
+export {
+  A as DEFAULT_MAX_BODY_BYTES,
+  _ as DEFAULT_MAX_CHUNK_BYTES,
+  E as DEFAULT_MAX_WS_FRAME_BYTES
+};

package/dist/index21.js

@@ -0,0 +1,109 @@
+import { DEFAULT_MAX_JSON_FRAME_BYTES as r } from "./index9.js";
+import { DEFAULT_MAX_WS_FRAME_BYTES as b, DEFAULT_MAX_BODY_BYTES as m, DEFAULT_MAX_CHUNK_BYTES as o } from "./index20.js";
+const c = /^[a-z][a-z0-9._-]{0,63}$/, _ = Object.freeze({
+  max_json_frame_bytes: r,
+  max_chunk_bytes: o,
+  max_body_bytes: m,
+  max_ws_frame_bytes: b
+}), w = Object.freeze({
+  v: 1,
+  preset_id: "default",
+  limits: {
+    max_json_frame_bytes: r,
+    max_chunk_bytes: o,
+    max_body_bytes: m,
+    max_ws_frame_bytes: b
+  }
+}), p = Object.freeze({
+  v: 1,
+  preset_id: "codeserver",
+  deprecated: !0,
+  limits: {
+    max_json_frame_bytes: r,
+    max_chunk_bytes: o,
+    max_body_bytes: m,
+    max_ws_frame_bytes: 32 * 1024 * 1024
+  }
+});
+function i(e) {
+  return typeof e == "object" && e != null && !Array.isArray(e);
+}
+function y(e, t, d) {
+  const x = new Set(d);
+  for (const a of Object.keys(t))
+    if (!x.has(a))
+      throw new Error(`bad ${e}.${a}`);
+}
+function s(e, t) {
+  if (typeof t != "number" || !Number.isSafeInteger(t) || t <= 0)
+    throw new Error(`${e} must be a positive safe integer`);
+  return t;
+}
+function f(e) {
+  if (!i(e))
+    throw new Error("bad ProxyPresetManifest.limits");
+  y("ProxyPresetManifest.limits", e, [
+    "max_json_frame_bytes",
+    "max_chunk_bytes",
+    "max_body_bytes",
+    "max_ws_frame_bytes",
+    "timeout_ms"
+  ]);
+  const t = {};
+  return e.max_json_frame_bytes !== void 0 && (t.max_json_frame_bytes = s("max_json_frame_bytes", e.max_json_frame_bytes)), e.max_chunk_bytes !== void 0 && (t.max_chunk_bytes = s("max_chunk_bytes", e.max_chunk_bytes)), e.max_body_bytes !== void 0 && (t.max_body_bytes = s("max_body_bytes", e.max_body_bytes)), e.max_ws_frame_bytes !== void 0 && (t.max_ws_frame_bytes = s("max_ws_frame_bytes", e.max_ws_frame_bytes)), e.timeout_ms !== void 0 && (t.timeout_ms = s("timeout_ms", e.timeout_ms)), Object.freeze(t);
+}
+function E(e) {
+  if (!i(e))
+    throw new Error("bad ProxyPresetManifest");
+  if (y("ProxyPresetManifest", e, ["v", "preset_id", "deprecated", "limits"]), e.v !== 1)
+    throw new Error("bad ProxyPresetManifest.v");
+  if (typeof e.preset_id != "string" || !c.test(e.preset_id))
+    throw new Error("bad ProxyPresetManifest.preset_id");
+  if (e.deprecated !== void 0 && typeof e.deprecated != "boolean")
+    throw new Error("bad ProxyPresetManifest.deprecated");
+  return Object.freeze({
+    v: 1,
+    preset_id: e.preset_id,
+    ...e.deprecated === void 0 ? {} : { deprecated: e.deprecated },
+    limits: f(e.limits)
+  });
+}
+function n(e) {
+  return Object.freeze({
+    v: 1,
+    preset_id: e.preset_id,
+    deprecated: e.deprecated === !0,
+    limits: Object.freeze({
+      max_json_frame_bytes: e.limits.max_json_frame_bytes ?? _.max_json_frame_bytes,
+      max_chunk_bytes: e.limits.max_chunk_bytes ?? _.max_chunk_bytes,
+      max_body_bytes: e.limits.max_body_bytes ?? _.max_body_bytes,
+      max_ws_frame_bytes: e.limits.max_ws_frame_bytes ?? _.max_ws_frame_bytes,
+      ...e.limits.timeout_ms === void 0 ? {} : { timeout_ms: e.limits.timeout_ms }
+    })
+  });
+}
+function P(e) {
+  if (e == null)
+    return n(w);
+  if (i(e) && ("v" in e || "presetId" in e || "limits" in e))
+    return n(E(e));
+  const t = f(e);
+  return Object.freeze({
+    v: 1,
+    preset_id: "custom",
+    deprecated: !1,
+    limits: Object.freeze({
+      max_json_frame_bytes: t.max_json_frame_bytes ?? _.max_json_frame_bytes,
+      max_chunk_bytes: t.max_chunk_bytes ?? _.max_chunk_bytes,
+      max_body_bytes: t.max_body_bytes ?? _.max_body_bytes,
+      max_ws_frame_bytes: t.max_ws_frame_bytes ?? _.max_ws_frame_bytes,
+      ...t.timeout_ms === void 0 ? {} : { timeout_ms: t.timeout_ms }
+    })
+  });
+}
+export {
+  p as CODESERVER_PROXY_PRESET_MANIFEST,
+  w as DEFAULT_PROXY_PRESET_MANIFEST,
+  E as assertProxyPresetManifest,
+  P as resolveProxyPreset
+};

package/dist/index22.js

@@ -0,0 +1,2 @@
+new TextEncoder();
+new TextDecoder();

package/dist/index23.js

@@ -0,0 +1 @@
+new TextEncoder();

package/dist/index24.js

@@ -0,0 +1 @@
+new TextEncoder();

package/dist/index25.js

@@ -0,0 +1 @@
+new TextEncoder();

package/dist/index3.js

@@ -0,0 +1,30 @@
+function m(e, n, i) {
+  const r = Array.from(new Set((n ?? []).map((t) => String(t ?? "").trim()).filter(Boolean)));
+  for (const t of r)
+    try {
+      e.postMessage(i, t);
+    } catch {
+    }
+}
+function d(e) {
+  const n = Array.from(new Set((e.expectedOrigins ?? []).map((r) => String(r ?? "").trim()).filter(Boolean)));
+  if (n.length === 0) return Promise.reject(new Error("expectedOrigins is required"));
+  if (!e.expectedSource) return Promise.reject(new Error("expectedSource is required"));
+  const i = Math.max(0, Math.floor(e.timeoutMs ?? 8e3));
+  return new Promise((r, t) => {
+    const u = window.setTimeout(() => {
+      c(), t(new Error("Handshake timeout"));
+    }, i), s = (o) => {
+      if (!n.includes(o.origin) || o.source !== e.expectedSource) return;
+      const a = e.accept(o.data);
+      a != null && (c(), r(a));
+    }, c = () => {
+      window.clearTimeout(u), window.removeEventListener("message", s);
+    };
+    window.addEventListener("message", s);
+  });
+}
+export {
+  m as postMessageToOrigins,
+  d as waitForMessage
+};

package/dist/index4.js

@@ -0,0 +1,24 @@
+function o(t) {
+  try {
+    return String(sessionStorage.getItem(t) ?? "").trim();
+  } catch {
+    return "";
+  }
+}
+function r(t, e) {
+  try {
+    sessionStorage.setItem(t, e);
+  } catch {
+  }
+}
+function s(t) {
+  try {
+    sessionStorage.removeItem(t);
+  } catch {
+  }
+}
+export {
+  o as getSessionStorage,
+  s as removeSessionStorage,
+  r as setSessionStorage
+};

package/dist/index5.js

@@ -0,0 +1,40 @@
+import { requestConnectArtifact as c, requestEntryConnectArtifact as a } from "./index8.js";
+function o(r, t) {
+  const e = String(t ?? r?.traceId ?? "").trim();
+  return e ? { ...r ?? {}, traceId: e } : r;
+}
+function n(r, t = "factory") {
+  return {
+    kind: t,
+    getArtifact: r
+  };
+}
+function u(r) {
+  return n(async () => r, "fixed");
+}
+function l(r) {
+  return n(
+    async ({ signal: t, traceId: e }) => c({
+      ...r,
+      ...t === void 0 ? {} : { signal: t },
+      ...o(r.correlation, e) === void 0 ? {} : { correlation: o(r.correlation, e) }
+    }),
+    "controlplane"
+  );
+}
+function f(r) {
+  return n(
+    async ({ signal: t, traceId: e }) => a({
+      ...r,
+      ...t === void 0 ? {} : { signal: t },
+      ...o(r.correlation, e) === void 0 ? {} : { correlation: o(r.correlation, e) }
+    }),
+    "entry_controlplane"
+  );
+}
+export {
+  n as createArtifactSourceFromFactory,
+  l as createControlplaneArtifactSource,
+  f as createEntryControlplaneArtifactSource,
+  u as createFixedArtifactSource
+};

package/dist/index6.js

@@ -0,0 +1,37 @@
+import { createBootstrapScopeResolvers as n } from "./index7.js";
+function t(e) {
+  return async (c) => e.getArtifact(c);
+}
+function r(e) {
+  return {
+    mode: "tunnel",
+    getArtifact: t(e.artifactSource),
+    ...e.observer === void 0 ? {} : { observer: e.observer },
+    ...e.autoReconnect === void 0 ? {} : { autoReconnect: e.autoReconnect },
+    ...e.connect === void 0 ? {} : { connect: e.connect }
+  };
+}
+function a(e) {
+  const c = e.connect;
+  return r({
+    ...e,
+    connect: {
+      ...c ?? {},
+      scopeResolvers: n(c?.scopeResolvers)
+    }
+  });
+}
+function u(e) {
+  return {
+    mode: "direct",
+    getArtifact: t(e.artifactSource),
+    ...e.observer === void 0 ? {} : { observer: e.observer },
+    ...e.autoReconnect === void 0 ? {} : { autoReconnect: e.autoReconnect },
+    ...e.connect === void 0 ? {} : { connect: e.connect }
+  };
+}
+export {
+  u as createArtifactDirectReconnectConfig,
+  r as createArtifactTunnelReconnectConfig,
+  a as createProxyRuntimeTunnelReconnectConfig
+};

package/dist/index7.js

@@ -0,0 +1,32 @@
+import "./index9.js";
+import "./index10.js";
+import "./index11.js";
+import "./index12.js";
+import "./index13.js";
+import "./index14.js";
+import "./index15.js";
+import "./index16.js";
+import "./index17.js";
+import { assertProxyRuntimeScopeV1 as t } from "./index18.js";
+import "./index19.js";
+const r = "proxy.runtime";
+function e(o) {
+  if (o.scope_version !== 1)
+    throw new Error(`unsupported ${r} scope_version: ${o.scope_version}`);
+  t(o.payload);
+}
+const p = Object.freeze({
+  [r]: e
+});
+function f(o) {
+  return o ? Object.freeze({
+    ...o,
+    [r]: e
+  }) : p;
+}
+export {
+  p as FLOWERSEC_BOOTSTRAP_SCOPE_RESOLVERS,
+  r as PROXY_RUNTIME_SCOPE_NAME,
+  f as createBootstrapScopeResolvers,
+  e as validateProxyRuntimeScopeEntry
+};

package/dist/index8.js

@@ -0,0 +1,159 @@
+import { assertConnectArtifact as l } from "./index17.js";
+class d extends Error {
+  status;
+  code;
+  responseBody;
+  constructor(e) {
+    super(e.message), this.name = "ControlplaneRequestError", this.status = e.status, this.code = String(e.code ?? "").trim(), this.responseBody = e.responseBody;
+  }
+}
+const w = "/v1/connect/artifact", y = "/v1/connect/artifact/entry", T = 1 << 20;
+class c extends Error {
+  constructor(e) {
+    super(`controlplane response exceeded ${e} bytes`), this.name = "ControlplaneResponseTooLargeError";
+  }
+}
+function m(t) {
+  if (t)
+    return t;
+  if (typeof globalThis.fetch == "function")
+    return globalThis.fetch.bind(globalThis);
+  throw new Error("global fetch is not available");
+}
+function u(t, e) {
+  const r = String(t ?? "").trim();
+  return r === "" ? e : `${r.replace(/\/+$/, "")}${e}`;
+}
+function b(t) {
+  const e = String(t ?? "").trim();
+  if (e === "")
+    return "";
+  try {
+    return JSON.parse(e);
+  } catch {
+    return e;
+  }
+}
+function E(t) {
+  const e = String(t ?? "").trim();
+  if (e === "" || !/^[0-9]+$/.test(e))
+    return null;
+  const r = Number(e);
+  return !Number.isSafeInteger(r) || r < 0 ? null : r;
+}
+async function S(t, e) {
+  const r = E(t.headers.get("Content-Length"));
+  if (r !== null && r > e)
+    throw new c(e);
+  if (!t.body)
+    return "";
+  const n = t.body.getReader(), a = new TextDecoder();
+  let o = 0, s = "";
+  for (; ; ) {
+    const i = await n.read();
+    if (i.done)
+      break;
+    if (o += i.value.byteLength, o > e) {
+      try {
+        await n.cancel();
+      } catch {
+      }
+      throw new c(e);
+    }
+    s += a.decode(i.value, { stream: !0 });
+  }
+  return s += a.decode(), s;
+}
+function C(t, e) {
+  let r = `controlplane request failed: ${t}`, n = "";
+  if (e && typeof e == "object") {
+    const a = e.error;
+    if (a && typeof a == "object") {
+      const o = String(a.message ?? "").trim();
+      o !== "" && (r = o), n = String(a.code ?? "").trim();
+    }
+  } else typeof e == "string" && e !== "" && (r = e);
+  return { code: n, message: r };
+}
+async function f(t, e) {
+  const n = await m(e.fetch)(t, {
+    ...e,
+    cache: "no-store"
+  });
+  let a = "";
+  try {
+    a = await S(n, T);
+  } catch (s) {
+    throw s instanceof c && !n.ok ? new d({
+      status: n.status,
+      message: s.message
+    }) : s;
+  }
+  const o = b(a);
+  if (!n.ok) {
+    const s = C(n.status, o);
+    throw new d({
+      status: n.status,
+      message: s.message,
+      code: s.code,
+      responseBody: o
+    });
+  }
+  if (typeof o == "string")
+    throw o === "" ? new Error("Invalid controlplane response: expected JSON body") : new Error("Invalid controlplane response: expected JSON body");
+  return o;
+}
+function h(t) {
+  const e = {
+    endpoint_id: String(t.endpointId ?? "").trim()
+  };
+  if (e.endpoint_id === "")
+    throw new Error("endpointId is required");
+  t.payload !== void 0 && (e.payload = { ...t.payload });
+  const r = String(t.correlation?.traceId ?? "").trim();
+  return r !== "" && (e.correlation = { trace_id: r }), e;
+}
+function p(t) {
+  const e = new Headers(t);
+  return e.has("Content-Type") || e.set("Content-Type", "application/json"), e;
+}
+async function _(t) {
+  const e = await f(u(t.baseUrl, t.path ?? w), {
+    ...t.fetch === void 0 ? {} : { fetch: t.fetch },
+    method: "POST",
+    credentials: t.credentials ?? "omit",
+    headers: p(t.headers),
+    body: JSON.stringify(h(t)),
+    ...t.signal === void 0 ? {} : { signal: t.signal }
+  });
+  if (!e?.connect_artifact)
+    throw new Error("Invalid controlplane response: missing `connect_artifact`");
+  return l(e.connect_artifact);
+}
+async function N(t) {
+  const e = String(t.entryTicket ?? "").trim();
+  if (e === "")
+    throw new Error("entryTicket is required");
+  const r = p(t.headers);
+  r.set("Authorization", `Bearer ${e}`);
+  const n = await f(u(t.baseUrl, t.path ?? y), {
+    ...t.fetch === void 0 ? {} : { fetch: t.fetch },
+    method: "POST",
+    credentials: t.credentials ?? "omit",
+    headers: r,
+    body: JSON.stringify(h(t)),
+    ...t.signal === void 0 ? {} : { signal: t.signal }
+  });
+  if (!n?.connect_artifact)
+    throw new Error("Invalid controlplane response: missing `connect_artifact`");
+  return l(n.connect_artifact);
+}
+export {
+  d as ControlplaneRequestError,
+  w as DEFAULT_CONNECT_ARTIFACT_PATH,
+  y as DEFAULT_ENTRY_CONNECT_ARTIFACT_PATH,
+  u as buildControlplaneURL,
+  _ as requestConnectArtifact,
+  f as requestControlplaneJSON,
+  N as requestEntryConnectArtifact
+};

package/dist/index9.js

@@ -0,0 +1,6 @@
+const e = 1048576;
+new TextEncoder();
+new TextDecoder();
+export {
+  e as DEFAULT_MAX_JSON_FRAME_BYTES
+};

package/dist/messaging.d.ts

@@ -0,0 +1,8 @@
+export type WaitForMessageOptions<T> = Readonly<{
+    expectedOrigins: string[];
+    expectedSource: Window;
+    timeoutMs?: number;
+    accept: (data: unknown) => T | null;
+}>;
+export declare function postMessageToOrigins(target: Window, origins: string[], message: unknown): void;
+export declare function waitForMessage<T>(opts: WaitForMessageOptions<T>): Promise<T>;

package/dist/reconnect.d.ts

@@ -0,0 +1,21 @@
+import type { DirectBrowserReconnectConfig, DirectConnectBrowserOptions, TunnelBrowserReconnectConfig, TunnelConnectBrowserOptions } from '@floegence/flowersec-core/browser';
+import type { ClientObserverLike } from '@floegence/flowersec-core/observability';
+import type { AutoReconnectConfig } from '@floegence/flowersec-core/reconnect';
+import type { ArtifactSource } from './artifactSource';
+type SharedArtifactReconnectOptions = Readonly<{
+    artifactSource: ArtifactSource;
+    observer?: ClientObserverLike;
+    autoReconnect?: AutoReconnectConfig;
+}>;
+type TunnelArtifactConnectOptions = Omit<TunnelConnectBrowserOptions, 'observer' | 'signal'>;
+type DirectArtifactConnectOptions = Omit<DirectConnectBrowserOptions, 'observer' | 'signal'>;
+export type TunnelArtifactReconnectOptions = SharedArtifactReconnectOptions & Readonly<{
+    connect?: TunnelArtifactConnectOptions;
+}>;
+export type DirectArtifactReconnectOptions = SharedArtifactReconnectOptions & Readonly<{
+    connect?: DirectArtifactConnectOptions;
+}>;
+export declare function createArtifactTunnelReconnectConfig(options: TunnelArtifactReconnectOptions): TunnelBrowserReconnectConfig;
+export declare function createProxyRuntimeTunnelReconnectConfig(options: TunnelArtifactReconnectOptions): TunnelBrowserReconnectConfig;
+export declare function createArtifactDirectReconnectConfig(options: DirectArtifactReconnectOptions): DirectBrowserReconnectConfig;
+export {};

package/dist/scope.d.ts

@@ -0,0 +1,12 @@
+export declare const PROXY_RUNTIME_SCOPE_NAME = "proxy.runtime";
+export type ScopeEnvelope = Readonly<{
+    scope_version: number;
+    payload: unknown;
+}>;
+export type ScopeResolver = (entry: ScopeEnvelope) => void;
+export type ScopeResolverMap = Readonly<Record<string, ScopeResolver>>;
+export declare function validateProxyRuntimeScopeEntry(entry: ScopeEnvelope): void;
+export declare const FLOWERSEC_BOOTSTRAP_SCOPE_RESOLVERS: Readonly<{
+    "proxy.runtime": typeof validateProxyRuntimeScopeEntry;
+}>;
+export declare function createBootstrapScopeResolvers(extra?: ScopeResolverMap): ScopeResolverMap;

package/dist/storage.d.ts

@@ -0,0 +1,3 @@
+export declare function getSessionStorage(key: string): string;
+export declare function setSessionStorage(key: string, value: string): void;
+export declare function removeSessionStorage(key: string): void;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@floegence/floe-webapp-boot",
-  "version": "0.35.58",
+  "version": "0.35.59",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -26,6 +26,9 @@
     "typecheck": "tsc --noEmit",
     "clean": "rm -rf dist *.tsbuildinfo"
   },
+  "dependencies": {
+    "@floegence/flowersec-core": "^0.19.1"
+  },
   "devDependencies": {
     "typescript": "^5.9.3",
     "vite": "^7.3.2"