@freshjuice/zest 2.0.0 → 2.1.0

package/dist/zest.d.ts

@@ -0,0 +1,214 @@
+/**
+ * Type definitions for `@freshjuice/zest` (full build with UI).
+ *
+ * The full build ships the consent engine plus a Shadow-DOM banner,
+ * settings modal, and floating widget. It auto-initialises on script
+ * load when included via `<script>`, or you can drive it manually via
+ * `Zest.init()`.
+ *
+ * For a logic-only build without UI, import from
+ * `@freshjuice/zest/headless` instead.
+ *
+ * @example
+ * ```ts
+ * import Zest from '@freshjuice/zest';
+ *
+ * Zest.init({
+ *   position: 'bottom-right',
+ *   theme: 'auto',
+ *   accentColor: '#0071e3',
+ *   policyUrl: '/privacy'
+ * });
+ * ```
+ */
+
+/** Built-in consent categories. */
+export type ConsentCategory =
+  | 'essential'
+  | 'functional'
+  | 'analytics'
+  | 'marketing';
+
+/**
+ * Per-category boolean consent state. `essential` is always `true` —
+ * consent for it cannot be revoked because it covers strictly-necessary
+ * processing.
+ */
+export type ConsentState =
+  & Partial<Record<ConsentCategory, boolean>>
+  & { essential: true };
+
+/** Snapshot returned by `init()`. */
+export interface InitSnapshot {
+  consent: ConsentState;
+  hasDecision: boolean;
+  dntApplied: boolean;
+}
+
+/** Tamper-evident proof of the user's last consent decision. */
+export interface ConsentProof {
+  version: string;
+  timestamp: number;
+  categories: ConsentState;
+}
+
+/** Output of `getDNTDetails()`. */
+export interface DNTDetails {
+  dnt: boolean;
+  gpc: boolean;
+  doNotTrack: string | null;
+  globalPrivacyControl: boolean;
+}
+
+/** Behaviour when DNT / GPC is detected at init time. */
+export type DNTBehavior = 'reject' | 'preselect' | 'ignore';
+
+/** Banner position on the page. */
+export type BannerPosition = 'bottom' | 'bottom-left' | 'bottom-right' | 'top';
+
+/** UI theme. `auto` follows `prefers-color-scheme`. */
+export type ZestTheme = 'light' | 'dark' | 'auto';
+
+/** Script-blocking strictness. */
+export type ZestMode = 'manual' | 'safe' | 'strict' | 'doomsday';
+
+/**
+ * Optional consumer callbacks. Each is wrapped in a try/catch internally
+ * so a thrown error never breaks the consent pipeline.
+ */
+export interface ZestCallbacks {
+  onAccept?: (consent: ConsentState) => void;
+  onReject?: (consent: ConsentState) => void;
+  onChange?: (consent: ConsentState) => void;
+  onReady?: (consent: ConsentState) => void;
+}
+
+/** Configuration accepted by `init()` and `window.ZestConfig`. */
+export interface InitOptions {
+  /** Display language. `'auto'` detects from `<html lang>` / browser. */
+  lang?:
+    | 'auto'
+    | 'en' | 'de' | 'es' | 'fr' | 'it' | 'pt'
+    | 'nl' | 'pl' | 'uk' | 'ru' | 'ja' | 'zh';
+  /** Banner position. Default `'bottom'`. */
+  position?: BannerPosition;
+  /** UI theme. Default `'auto'`. */
+  theme?: ZestTheme;
+  /** Hex accent color for buttons (e.g. `'#0071e3'`). */
+  accentColor?: string;
+  /** Link to the host site's privacy policy. */
+  policyUrl?: string;
+  /** Show floating "manage cookies" widget after a decision. Default `true`. */
+  showWidget?: boolean;
+  /** Cookie expiration in days. Default `365`. */
+  expiration?: number;
+  /** Script-blocking mode. Default `'safe'`. */
+  mode?: ZestMode;
+  /** Auto-initialise on script load. Default `true` for the UI build. */
+  autoInit?: boolean;
+  /** Respect Do Not Track / Global Privacy Control. Default `true`. */
+  respectDNT?: boolean;
+  /** What to do when DNT/GPC is on. Default `'reject'`. */
+  dntBehavior?: DNTBehavior;
+  /** Consumer callbacks. */
+  callbacks?: ZestCallbacks;
+  /** Anything else — Zest tolerates unknown keys at runtime. */
+  [key: string]: unknown;
+}
+
+/** Event names emitted on `document.documentElement`. */
+export interface ZestEvents {
+  READY: 'zest:ready';
+  CONSENT: 'zest:consent';
+  REJECT: 'zest:reject';
+  CHANGE: 'zest:change';
+  SHOW: 'zest:show';
+  HIDE: 'zest:hide';
+}
+
+export type ZestEventName = ZestEvents[keyof ZestEvents];
+
+/** Detail payload of consent events. */
+export interface ZestEventDetail {
+  consent: ConsentState;
+  previous?: ConsentState;
+}
+
+declare const Zest: {
+  /** Initialise. Auto-called when the script loads unless `autoInit: false`. */
+  init(options?: InitOptions): InitSnapshot;
+
+  /** Show the consent banner. */
+  show(): void;
+
+  /** Hide the consent banner. */
+  hide(): void;
+
+  /** Open the per-category settings modal. */
+  showSettings(): void;
+
+  /** Close the settings modal. */
+  hideSettings(): void;
+
+  /** Show the persistent "manage cookies" widget. */
+  showWidget(): void;
+
+  /** Hide the widget without removing it. */
+  hideWidget(): void;
+
+  /** Current consent state (clone, safe to mutate). */
+  getConsent(): ConsentState;
+
+  /** Has the user granted consent for `category`? */
+  hasConsent(category: ConsentCategory): boolean;
+
+  /** Has the user made any consent decision yet? */
+  hasConsentDecision(): boolean;
+
+  /** Tamper-evident snapshot of the last consent decision. */
+  getConsentProof(): ConsentProof | null;
+
+  /** Grant consent for every category and run accept callbacks. */
+  acceptAll(): void;
+
+  /** Revoke consent for every non-essential category and run reject callbacks. */
+  rejectAll(): void;
+
+  /** Wipe all consent state and reshow the banner. */
+  reset(): void;
+
+  /** True if the browser is sending DNT or GPC. */
+  isDoNotTrackEnabled(): boolean;
+
+  /** Why `isDoNotTrackEnabled()` returned what it did. */
+  getDNTDetails(): DNTDetails;
+
+  /** Subscribe to a consent event. Returns an unsubscribe function. */
+  on(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Subscribe once; auto-unsubscribes after the first call. */
+  once(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Constants for `on()` / `once()`. */
+  EVENTS: ZestEvents;
+
+  /** Active configuration after `init()`. */
+  getConfig(): InitOptions | null;
+};
+
+export default Zest;
+
+declare global {
+  interface Window {
+    /** Set before loading `zest.min.js` to configure auto-initialisation. */
+    ZestConfig?: InitOptions;
+    /** The Zest singleton, attached after auto-init. */
+    Zest?: typeof Zest;
+  }
+}

package/dist/zest.headless.d.ts

@@ -0,0 +1,178 @@
+/**
+ * Type definitions for `@freshjuice/zest/headless`.
+ *
+ * The headless build ships the consent engine without any UI: no Shadow
+ * DOM, no styles, no DOM mounting. You bring your own banner / modal /
+ * settings markup and call into Zest for the consent state.
+ *
+ * @example
+ * ```ts
+ * import Zest from '@freshjuice/zest/headless';
+ *
+ * Zest.init({ respectDNT: true, expiration: 365 });
+ *
+ * if (!Zest.hasConsentDecision()) myBanner.show();
+ *
+ * acceptBtn.addEventListener('click', () => Zest.acceptAll());
+ * rejectBtn.addEventListener('click', () => Zest.rejectAll());
+ * ```
+ */
+
+/** Built-in consent categories. */
+export type ConsentCategory =
+  | 'essential'
+  | 'functional'
+  | 'analytics'
+  | 'marketing';
+
+/**
+ * Per-category boolean consent state. `essential` is always `true` —
+ * consent for it cannot be revoked because it covers strictly-necessary
+ * processing.
+ */
+export type ConsentState =
+  & Partial<Record<ConsentCategory, boolean>>
+  & { essential: true };
+
+/** Snapshot returned by `init()`. */
+export interface InitSnapshot {
+  consent: ConsentState;
+  hasDecision: boolean;
+  dntApplied: boolean;
+}
+
+/** Tamper-evident proof of the user's last consent decision. */
+export interface ConsentProof {
+  version: string;
+  timestamp: number;
+  categories: ConsentState;
+}
+
+/** Output of `getDNTDetails()`. */
+export interface DNTDetails {
+  dnt: boolean;
+  gpc: boolean;
+  doNotTrack: string | null;
+  globalPrivacyControl: boolean;
+}
+
+/** Behaviour when DNT / GPC is detected at init time. */
+export type DNTBehavior = 'reject' | 'preselect' | 'ignore';
+
+/**
+ * Optional consumer callbacks. Each is wrapped in a try/catch internally
+ * so a thrown error never breaks the consent pipeline.
+ */
+export interface ZestCallbacks {
+  onAccept?: (consent: ConsentState) => void;
+  onReject?: (consent: ConsentState) => void;
+  onChange?: (consent: ConsentState) => void;
+  onReady?: (consent: ConsentState) => void;
+}
+
+/** Configuration accepted by `init()`. */
+export interface InitOptions {
+  /** Respect Do Not Track / Global Privacy Control. Default `true`. */
+  respectDNT?: boolean;
+  /** What to do when DNT/GPC is on. Default `'reject'`. */
+  dntBehavior?: DNTBehavior;
+  /** Cookie expiration in days. Default `365`. */
+  expiration?: number;
+  /** Consumer callbacks. */
+  callbacks?: ZestCallbacks;
+  /** Anything else — Zest tolerates unknown keys at runtime. */
+  [key: string]: unknown;
+}
+
+/** Event names emitted on the `window` `document.documentElement`. */
+export interface ZestEvents {
+  READY: 'zest:ready';
+  CONSENT: 'zest:consent';
+  REJECT: 'zest:reject';
+  CHANGE: 'zest:change';
+  SHOW: 'zest:show';
+  HIDE: 'zest:hide';
+}
+
+export type ZestEventName = ZestEvents[keyof ZestEvents];
+
+/** Detail payload of the consent-change event. */
+export interface ZestEventDetail {
+  consent: ConsentState;
+  previous?: ConsentState;
+}
+
+declare const Zest: {
+  /** Initialise the consent engine. Must be called before any other API. */
+  init(options?: InitOptions): InitSnapshot;
+
+  /** Current consent state (clone, safe to mutate). */
+  getConsent(): ConsentState;
+
+  /** Has the user granted consent for `category`? */
+  hasConsent(category: ConsentCategory): boolean;
+
+  /** Has the user made any consent decision yet (accept, reject, or
+   * partial)? */
+  hasConsentDecision(): boolean;
+
+  /** Tamper-evident snapshot of the last consent decision. */
+  getConsentProof(): ConsentProof | null;
+
+  /** Grant consent for every category. */
+  acceptAll(): ConsentState | null;
+
+  /** Revoke consent for every non-essential category. */
+  rejectAll(): ConsentState | null;
+
+  /** Set per-category consent. Missing keys are left untouched. */
+  updateConsent(
+    selections: Partial<Record<ConsentCategory, boolean>>
+  ): ConsentState | null;
+
+  /** Wipe all consent state. Useful for "I changed my mind" flows. */
+  reset(): void;
+
+  /** True if the browser is sending DNT or GPC. */
+  isDoNotTrackEnabled(): boolean;
+
+  /** Why `isDoNotTrackEnabled()` returned what it did. */
+  getDNTDetails(): DNTDetails;
+
+  /** Subscribe to a consent event. Returns an unsubscribe function. */
+  on(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Subscribe once; auto-unsubscribes after the first call. */
+  once(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Constants for `on()` / `once()`. */
+  EVENTS: ZestEvents;
+
+  /** Active configuration after `init()`. */
+  getConfig(): InitOptions | null;
+};
+
+export default Zest;
+
+// Named tree-shake-friendly exports.
+export const init: typeof Zest.init;
+export const acceptAll: typeof Zest.acceptAll;
+export const rejectAll: typeof Zest.rejectAll;
+export const updateConsent: typeof Zest.updateConsent;
+export const reset: typeof Zest.reset;
+export const getConsent: typeof Zest.getConsent;
+export const hasConsent: typeof Zest.hasConsent;
+export const hasConsentDecision: typeof Zest.hasConsentDecision;
+export const getConsentProof: typeof Zest.getConsentProof;
+export const isDoNotTrackEnabled: typeof Zest.isDoNotTrackEnabled;
+export const getDNTDetails: typeof Zest.getDNTDetails;
+export const on: typeof Zest.on;
+export const once: typeof Zest.once;
+export const EVENTS: ZestEvents;
+export const getConfig: typeof Zest.getConfig;

package/package.json

@@ -1,20 +1,26 @@
 {
   "name": "@freshjuice/zest",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "type": "module",
   "description": "Lightweight cookie consent toolkit for GDPR/CCPA compliance",
   "main": "dist/zest.min.js",
   "module": "dist/zest.esm.min.js",
+  "types": "dist/zest.d.ts",
   "exports": {
     ".": {
+      "types": "./dist/zest.d.ts",
       "import": "./dist/zest.esm.min.js",
       "default": "./dist/zest.min.js"
     },
     "./headless": {
+      "types": "./dist/zest.headless.d.ts",
       "import": "./dist/zest.headless.esm.min.js",
       "default": "./dist/zest.headless.esm.min.js"
     },
-    "./src/headless": "./src/headless.js",
+    "./src/headless": {
+      "types": "./dist/zest.headless.d.ts",
+      "default": "./src/headless.js"
+    },
     "./src/*": "./src/*.js"
   },
   "files": [
@@ -26,6 +32,7 @@
   "scripts": {
     "prebuild": "node scripts/build-langs.js",
     "build": "rollup -c",
+    "postbuild": "node scripts/copy-types.js",
     "build:watch": "rollup -c -w",
     "dev": "rollup -c -w",
     "test": "vitest",

package/src/types/zest.d.ts

@@ -0,0 +1,214 @@
+/**
+ * Type definitions for `@freshjuice/zest` (full build with UI).
+ *
+ * The full build ships the consent engine plus a Shadow-DOM banner,
+ * settings modal, and floating widget. It auto-initialises on script
+ * load when included via `<script>`, or you can drive it manually via
+ * `Zest.init()`.
+ *
+ * For a logic-only build without UI, import from
+ * `@freshjuice/zest/headless` instead.
+ *
+ * @example
+ * ```ts
+ * import Zest from '@freshjuice/zest';
+ *
+ * Zest.init({
+ *   position: 'bottom-right',
+ *   theme: 'auto',
+ *   accentColor: '#0071e3',
+ *   policyUrl: '/privacy'
+ * });
+ * ```
+ */
+
+/** Built-in consent categories. */
+export type ConsentCategory =
+  | 'essential'
+  | 'functional'
+  | 'analytics'
+  | 'marketing';
+
+/**
+ * Per-category boolean consent state. `essential` is always `true` —
+ * consent for it cannot be revoked because it covers strictly-necessary
+ * processing.
+ */
+export type ConsentState =
+  & Partial<Record<ConsentCategory, boolean>>
+  & { essential: true };
+
+/** Snapshot returned by `init()`. */
+export interface InitSnapshot {
+  consent: ConsentState;
+  hasDecision: boolean;
+  dntApplied: boolean;
+}
+
+/** Tamper-evident proof of the user's last consent decision. */
+export interface ConsentProof {
+  version: string;
+  timestamp: number;
+  categories: ConsentState;
+}
+
+/** Output of `getDNTDetails()`. */
+export interface DNTDetails {
+  dnt: boolean;
+  gpc: boolean;
+  doNotTrack: string | null;
+  globalPrivacyControl: boolean;
+}
+
+/** Behaviour when DNT / GPC is detected at init time. */
+export type DNTBehavior = 'reject' | 'preselect' | 'ignore';
+
+/** Banner position on the page. */
+export type BannerPosition = 'bottom' | 'bottom-left' | 'bottom-right' | 'top';
+
+/** UI theme. `auto` follows `prefers-color-scheme`. */
+export type ZestTheme = 'light' | 'dark' | 'auto';
+
+/** Script-blocking strictness. */
+export type ZestMode = 'manual' | 'safe' | 'strict' | 'doomsday';
+
+/**
+ * Optional consumer callbacks. Each is wrapped in a try/catch internally
+ * so a thrown error never breaks the consent pipeline.
+ */
+export interface ZestCallbacks {
+  onAccept?: (consent: ConsentState) => void;
+  onReject?: (consent: ConsentState) => void;
+  onChange?: (consent: ConsentState) => void;
+  onReady?: (consent: ConsentState) => void;
+}
+
+/** Configuration accepted by `init()` and `window.ZestConfig`. */
+export interface InitOptions {
+  /** Display language. `'auto'` detects from `<html lang>` / browser. */
+  lang?:
+    | 'auto'
+    | 'en' | 'de' | 'es' | 'fr' | 'it' | 'pt'
+    | 'nl' | 'pl' | 'uk' | 'ru' | 'ja' | 'zh';
+  /** Banner position. Default `'bottom'`. */
+  position?: BannerPosition;
+  /** UI theme. Default `'auto'`. */
+  theme?: ZestTheme;
+  /** Hex accent color for buttons (e.g. `'#0071e3'`). */
+  accentColor?: string;
+  /** Link to the host site's privacy policy. */
+  policyUrl?: string;
+  /** Show floating "manage cookies" widget after a decision. Default `true`. */
+  showWidget?: boolean;
+  /** Cookie expiration in days. Default `365`. */
+  expiration?: number;
+  /** Script-blocking mode. Default `'safe'`. */
+  mode?: ZestMode;
+  /** Auto-initialise on script load. Default `true` for the UI build. */
+  autoInit?: boolean;
+  /** Respect Do Not Track / Global Privacy Control. Default `true`. */
+  respectDNT?: boolean;
+  /** What to do when DNT/GPC is on. Default `'reject'`. */
+  dntBehavior?: DNTBehavior;
+  /** Consumer callbacks. */
+  callbacks?: ZestCallbacks;
+  /** Anything else — Zest tolerates unknown keys at runtime. */
+  [key: string]: unknown;
+}
+
+/** Event names emitted on `document.documentElement`. */
+export interface ZestEvents {
+  READY: 'zest:ready';
+  CONSENT: 'zest:consent';
+  REJECT: 'zest:reject';
+  CHANGE: 'zest:change';
+  SHOW: 'zest:show';
+  HIDE: 'zest:hide';
+}
+
+export type ZestEventName = ZestEvents[keyof ZestEvents];
+
+/** Detail payload of consent events. */
+export interface ZestEventDetail {
+  consent: ConsentState;
+  previous?: ConsentState;
+}
+
+declare const Zest: {
+  /** Initialise. Auto-called when the script loads unless `autoInit: false`. */
+  init(options?: InitOptions): InitSnapshot;
+
+  /** Show the consent banner. */
+  show(): void;
+
+  /** Hide the consent banner. */
+  hide(): void;
+
+  /** Open the per-category settings modal. */
+  showSettings(): void;
+
+  /** Close the settings modal. */
+  hideSettings(): void;
+
+  /** Show the persistent "manage cookies" widget. */
+  showWidget(): void;
+
+  /** Hide the widget without removing it. */
+  hideWidget(): void;
+
+  /** Current consent state (clone, safe to mutate). */
+  getConsent(): ConsentState;
+
+  /** Has the user granted consent for `category`? */
+  hasConsent(category: ConsentCategory): boolean;
+
+  /** Has the user made any consent decision yet? */
+  hasConsentDecision(): boolean;
+
+  /** Tamper-evident snapshot of the last consent decision. */
+  getConsentProof(): ConsentProof | null;
+
+  /** Grant consent for every category and run accept callbacks. */
+  acceptAll(): void;
+
+  /** Revoke consent for every non-essential category and run reject callbacks. */
+  rejectAll(): void;
+
+  /** Wipe all consent state and reshow the banner. */
+  reset(): void;
+
+  /** True if the browser is sending DNT or GPC. */
+  isDoNotTrackEnabled(): boolean;
+
+  /** Why `isDoNotTrackEnabled()` returned what it did. */
+  getDNTDetails(): DNTDetails;
+
+  /** Subscribe to a consent event. Returns an unsubscribe function. */
+  on(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Subscribe once; auto-unsubscribes after the first call. */
+  once(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Constants for `on()` / `once()`. */
+  EVENTS: ZestEvents;
+
+  /** Active configuration after `init()`. */
+  getConfig(): InitOptions | null;
+};
+
+export default Zest;
+
+declare global {
+  interface Window {
+    /** Set before loading `zest.min.js` to configure auto-initialisation. */
+    ZestConfig?: InitOptions;
+    /** The Zest singleton, attached after auto-init. */
+    Zest?: typeof Zest;
+  }
+}

package/src/types/zest.headless.d.ts

@@ -0,0 +1,178 @@
+/**
+ * Type definitions for `@freshjuice/zest/headless`.
+ *
+ * The headless build ships the consent engine without any UI: no Shadow
+ * DOM, no styles, no DOM mounting. You bring your own banner / modal /
+ * settings markup and call into Zest for the consent state.
+ *
+ * @example
+ * ```ts
+ * import Zest from '@freshjuice/zest/headless';
+ *
+ * Zest.init({ respectDNT: true, expiration: 365 });
+ *
+ * if (!Zest.hasConsentDecision()) myBanner.show();
+ *
+ * acceptBtn.addEventListener('click', () => Zest.acceptAll());
+ * rejectBtn.addEventListener('click', () => Zest.rejectAll());
+ * ```
+ */
+
+/** Built-in consent categories. */
+export type ConsentCategory =
+  | 'essential'
+  | 'functional'
+  | 'analytics'
+  | 'marketing';
+
+/**
+ * Per-category boolean consent state. `essential` is always `true` —
+ * consent for it cannot be revoked because it covers strictly-necessary
+ * processing.
+ */
+export type ConsentState =
+  & Partial<Record<ConsentCategory, boolean>>
+  & { essential: true };
+
+/** Snapshot returned by `init()`. */
+export interface InitSnapshot {
+  consent: ConsentState;
+  hasDecision: boolean;
+  dntApplied: boolean;
+}
+
+/** Tamper-evident proof of the user's last consent decision. */
+export interface ConsentProof {
+  version: string;
+  timestamp: number;
+  categories: ConsentState;
+}
+
+/** Output of `getDNTDetails()`. */
+export interface DNTDetails {
+  dnt: boolean;
+  gpc: boolean;
+  doNotTrack: string | null;
+  globalPrivacyControl: boolean;
+}
+
+/** Behaviour when DNT / GPC is detected at init time. */
+export type DNTBehavior = 'reject' | 'preselect' | 'ignore';
+
+/**
+ * Optional consumer callbacks. Each is wrapped in a try/catch internally
+ * so a thrown error never breaks the consent pipeline.
+ */
+export interface ZestCallbacks {
+  onAccept?: (consent: ConsentState) => void;
+  onReject?: (consent: ConsentState) => void;
+  onChange?: (consent: ConsentState) => void;
+  onReady?: (consent: ConsentState) => void;
+}
+
+/** Configuration accepted by `init()`. */
+export interface InitOptions {
+  /** Respect Do Not Track / Global Privacy Control. Default `true`. */
+  respectDNT?: boolean;
+  /** What to do when DNT/GPC is on. Default `'reject'`. */
+  dntBehavior?: DNTBehavior;
+  /** Cookie expiration in days. Default `365`. */
+  expiration?: number;
+  /** Consumer callbacks. */
+  callbacks?: ZestCallbacks;
+  /** Anything else — Zest tolerates unknown keys at runtime. */
+  [key: string]: unknown;
+}
+
+/** Event names emitted on the `window` `document.documentElement`. */
+export interface ZestEvents {
+  READY: 'zest:ready';
+  CONSENT: 'zest:consent';
+  REJECT: 'zest:reject';
+  CHANGE: 'zest:change';
+  SHOW: 'zest:show';
+  HIDE: 'zest:hide';
+}
+
+export type ZestEventName = ZestEvents[keyof ZestEvents];
+
+/** Detail payload of the consent-change event. */
+export interface ZestEventDetail {
+  consent: ConsentState;
+  previous?: ConsentState;
+}
+
+declare const Zest: {
+  /** Initialise the consent engine. Must be called before any other API. */
+  init(options?: InitOptions): InitSnapshot;
+
+  /** Current consent state (clone, safe to mutate). */
+  getConsent(): ConsentState;
+
+  /** Has the user granted consent for `category`? */
+  hasConsent(category: ConsentCategory): boolean;
+
+  /** Has the user made any consent decision yet (accept, reject, or
+   * partial)? */
+  hasConsentDecision(): boolean;
+
+  /** Tamper-evident snapshot of the last consent decision. */
+  getConsentProof(): ConsentProof | null;
+
+  /** Grant consent for every category. */
+  acceptAll(): ConsentState | null;
+
+  /** Revoke consent for every non-essential category. */
+  rejectAll(): ConsentState | null;
+
+  /** Set per-category consent. Missing keys are left untouched. */
+  updateConsent(
+    selections: Partial<Record<ConsentCategory, boolean>>
+  ): ConsentState | null;
+
+  /** Wipe all consent state. Useful for "I changed my mind" flows. */
+  reset(): void;
+
+  /** True if the browser is sending DNT or GPC. */
+  isDoNotTrackEnabled(): boolean;
+
+  /** Why `isDoNotTrackEnabled()` returned what it did. */
+  getDNTDetails(): DNTDetails;
+
+  /** Subscribe to a consent event. Returns an unsubscribe function. */
+  on(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Subscribe once; auto-unsubscribes after the first call. */
+  once(
+    eventName: ZestEventName,
+    handler: (event: CustomEvent<ZestEventDetail>) => void
+  ): () => void;
+
+  /** Constants for `on()` / `once()`. */
+  EVENTS: ZestEvents;
+
+  /** Active configuration after `init()`. */
+  getConfig(): InitOptions | null;
+};
+
+export default Zest;
+
+// Named tree-shake-friendly exports.
+export const init: typeof Zest.init;
+export const acceptAll: typeof Zest.acceptAll;
+export const rejectAll: typeof Zest.rejectAll;
+export const updateConsent: typeof Zest.updateConsent;
+export const reset: typeof Zest.reset;
+export const getConsent: typeof Zest.getConsent;
+export const hasConsent: typeof Zest.hasConsent;
+export const hasConsentDecision: typeof Zest.hasConsentDecision;
+export const getConsentProof: typeof Zest.getConsentProof;
+export const isDoNotTrackEnabled: typeof Zest.isDoNotTrackEnabled;
+export const getDNTDetails: typeof Zest.getDNTDetails;
+export const on: typeof Zest.on;
+export const once: typeof Zest.once;
+export const EVENTS: ZestEvents;
+export const getConfig: typeof Zest.getConfig;