npm - @glidevvr/storage-payload-error-logger-pkg - Versions diffs - 0.1.0 - Mend

@glidevvr/storage-payload-error-logger-pkg 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/README.md +229 -0
package/dist/chunk-EKIOMBUO.mjs +282 -0
package/dist/chunk-EKIOMBUO.mjs.map +1 -0
package/dist/index.d.cts +99 -0
package/dist/index.d.ts +99 -0
package/dist/index.js +332 -0
package/dist/index.js.map +1 -0
package/dist/index.mjs +37 -0
package/dist/index.mjs.map +1 -0
package/dist/payload-endpoint/index.d.cts +96 -0
package/dist/payload-endpoint/index.d.ts +96 -0
package/dist/payload-endpoint/index.js +206 -0
package/dist/payload-endpoint/index.js.map +1 -0
package/dist/payload-endpoint/index.mjs +179 -0
package/dist/payload-endpoint/index.mjs.map +1 -0
package/dist/react/index.d.cts +26 -0
package/dist/react/index.d.ts +26 -0
package/dist/react/index.js +302 -0
package/dist/react/index.js.map +1 -0
package/dist/react/index.mjs +28 -0
package/dist/react/index.mjs.map +1 -0
package/dist/types-BLz-TUBl.d.cts +198 -0
package/dist/types-BLz-TUBl.d.ts +198 -0
package/package.json +62 -0

package/README.md ADDED Viewed

@@ -0,0 +1,229 @@
+# @glidevvr/storage-payload-error-logger-pkg
+Centralized error capture for GLI storage products. See the WEB-1413 design doc in `gli-payload-multitenant/docs/plans/2026-05-05-web-1413-error-logger-design.md` for details.
+## Subpaths
+- `@glidevvr/storage-payload-error-logger-pkg` — core (initLogger, logError, setLogContext, installGlobalHandlers)
+- `@glidevvr/storage-payload-error-logger-pkg/react` — `<ErrorBoundary>`
+- `@glidevvr/storage-payload-error-logger-pkg/payload-endpoint` — Payload v3 `Endpoint` handler
+## Init
+`initLogger({ endpoint, repo, release, recaptchaSiteKey })`
+## PII contract
+The logger is built on a strict rule: **never accept user-input data into the pipeline in the first place.** Scrubbing PII downstream is too late — the goal is to never receive it.
+This contract is enforced on five surfaces:
+### 1. `LogContext` is a closed allowlist
+`LogContext` has no index signature. TypeScript rejects unknown keys at the call site. The allowlist is grouped by domain — see `types.ts` for the full list and per-field JSDoc. Headline categories:
+| Category | Examples |
+| --- | --- |
+| **Identity** | `source`, `sessionId`, `componentStack` |
+| **Organization** (storage org) | `organizationId` (Payload Mongo ID), `organizationName`, `seCompanyId` (SE numeric ID) |
+| **Renter** (anonymous, never name/email/phone) | `seTenantId`, `vendorTenantId`, `vendorType` |
+| **Facility** | `seFacilityId`, `vendorFacilityId`, `siteLocationCode` |
+| **Unit** | `seUnitId`, `vendorUnitId`, `unitCategorySlug`, `unitTier`, `ratePlan` |
+| **Reservation** (pre-move-in) | `seReservationId`, `vendorReservationId`, `reservationType` |
+| **Rental** (post-move-in) | `seRentalId`, `vendorRentalId`, `seTransactionId` |
+| **Ledger / billing** | `seLedgerId`, `seReceiptId`, `chargeId` |
+| **Charges + recurring fees** | `charges[]`, `recurringFees[]` (sub-keys: `id`, `name`, `amount`, `cycle` only — memo/note stripped) |
+| **Selections** (codes, never typed values) | `promotionId`, `promotionSlug`, `insurancePlanId`, `paymentMethodType`, `autopayEnabled`, `billingCycle`, `moveInDate`, `quotedRate` |
+| **Flow context** | `flow` (closed: `reservation` / `rental` / `cancellation` / `payment-update` / `onboarding`), `step` (paired with `flow`), `slug`, `apiMethod`, `apiEndpoint`, `httpStatus`, `cacheKey`, `errorTag`, `validationFieldNames[]`, `expectedCount`, `actualCount` |
+| **Payload-only** | `collectionSlug`, `documentId`, `hookName`, `userRole`, `scraperBatchId`, `buildId` |
+**Naming convention:**
+- `se*` prefix → identifier from the SE API (matches SE's wire term)
+- `vendor*` prefix → identifier from the underlying property-management system (SiteLink / StorEdge / DoorSwap)
+- everything else → user-facing terms shared with the admin UI (e.g. `organizationId` matches the "Organization" label in CMS)
+Need a new field? Add it intentionally to `LogContext` in `types.ts` AND to `ALLOWED_CONTEXT_KEYS` in `gli-payload-multitenant/src/collections/IssueEvents/hooks/sanitizeContext.ts` (the server-side defense). Confirm it carries no PII before adding.
+### 2. `reason` is a closed enum — the WHY, never user input
+The `Reason` type in `types.ts` is the closed vocabulary, mirrored by `ISSUE_REASON_VALUES` in `gli-payload-multitenant/src/utilities/errorLogger/reasonValues.ts`. The Issues + IssueEvents collection schemas use Payload's `select` field type with this enum, so direct REST POSTs that send an unknown reason are rejected with a 400 — closing the gap that the helper-side TypeScript guard alone can't cover.
+15 values mirror the `errorTag` enum in `@glidevvr/se-components`; 9 internal values cover failure modes outside the SE API:
+```ts
+// SE errorTags (mirror se-components)
+"unit_not_found" | "unit_not_available" | "unit_unavailable" | "facility_not_found"
+| "invalid_tenant_credentials" | "unauthorized" | "session_expired"
+| "tenant_not_found" | "reservation_not_found" | "ledger_not_found" | "promotion_not_found"
+| "payment_failed" | "payment_declined" | "invalid_payment_option"
+| "validation_error"
+// Internal additions
+| "unit_list_empty" | "expected_data_missing" | "cache_stale"
+| "build_failure" | "hook_error" | "scraper_failure"
+| "data_integrity" | "unhandled_exception" | "network_timeout"
+```
+Pass via `LogErrorOptions.reason`:
+```ts
+logError(err, { reason: "invalid_cvv", context: { step: "payment" } })
+logError(err, { reason: "unit_list_empty", context: { seFacilityId, expectedCount: 1, actualCount: 0 } })
+```
+`reason` is part of the event's fingerprint, so the same code path failing for different reasons becomes distinct Issues.
+### 3. `severity` defaults from `reason`
+Severity convention:
+- **`error`** — blocks the user / unrecoverable / 5xx (default for uncaught and most reasons)
+- **`warning`** — recoverable, user-facing flow signal (`validation_error`, `payment_declined`, `unit_list_empty`, `cache_stale`, etc.)
+- **`info`** — informational signal (`session_expired`)
+`getDefaultSeverity(reason)` does the mapping. `logError()` uses it automatically; callers can override via `LogErrorOptions.severity`. Wire `getDefaultSeverity` into integration points (e.g. RTK Query error middleware) so individual call sites don't think about it.
+### 4. `Error.message` must not contain user input
+`logError()` reads `err.message` and persists it. **Throw errors with constant messages**:
+```ts
+// ✅ good — fixed message, classification via `reason`
+if (!isValidCvv(cvv)) {
+  logError(new Error("payment validation failed"), {
+    reason: "invalid_payment_option",
+    context: { step: "payment", validationFieldNames: ["cvv"] },
+  });
+}
+// ❌ bad — user input lands in the persisted message
+throw new Error(`Card ${cardNumber} has invalid CVV ${cvv}`);
+```
+Code review is the only guard for this surface; the helper has no automated way to detect interpolated PII inside an `Error.message` string.
+### 5. URL is path-only
+`logError()` strips the query string and fragment from `window.location.href` before sending. Only `origin + pathname` is logged. This protects against tokens or emails appearing in URL params (e.g. `?token=…`, `?email=…`).
+## Patterns
+### Soft-assert empty / unexpected results
+For "should-have-data-but-doesn't" cases, log a `warning` at the boundary where bad data hits the UI:
+```ts
+if (facility.isActive && units.length === 0) {
+  logError(new Error("Unit list empty for active facility"), {
+    reason: "unit_list_empty",
+    context: {
+      seFacilityId,
+      apiMethod: "getUnits",
+      expectedCount: 1,
+      actualCount: 0,
+    },
+  });
+}
+```
+### CMS / scraper / build hook errors
+On the server side, wrap the suspect spot in try/catch and re-throw after logging:
+```ts
+try {
+  await runScraper(batchId);
+} catch (err) {
+  logError(err, {
+    source: "payload",
+    reason: "scraper_failure",
+    context: { scraperBatchId: batchId, apiMethod: "runScraper" },
+  });
+  throw err;
+}
+```
+The helper's server transport writes via the api-user key. Don't wrap collection-internal hooks with `logError` — they'd loop on themselves.
+### RTK Query middleware (apps using @glidevvr/se-components)
+Map `errorTag` → `reason` + default severity:
+```ts
+// inside rtkQueryErrorMiddleware
+logError(err, {
+  reason: payload.errorTag,                       // 1:1 with se-components
+  context: {
+    apiMethod: action.meta.arg.endpointName,
+    httpStatus: err.status,
+    validationFieldNames: Object.keys(payload.validationErrors ?? {}),
+  },
+})
+```
+## Server-side defense
+The CMS-side `IssueEvents.beforeValidate` hook (`sanitizeIssueEventContext`) is the matching runtime guard for the `LogContext` allowlist. Direct REST POSTs that bypass the helper still get unknown keys stripped before persistence — and per-row keys inside `charges` / `recurringFees` are filtered too (memo/note dropped).
+---
+## Local Development
+```bash
+npm install
+npm test            # vitest
+npm run build       # tsup → dist/{esm,cjs,d.ts} for all three subpaths
+```
+### Prerequisites
+- Node.js 20.x or later
+- npm 10.x or later
+The published package's wire shape (entry/exports/peerDeps) is defined in `package.json`. The CMS server defense lives in `gli-payload-multitenant/src/collections/IssueEvents/hooks/sanitizeContext.ts` — keep `ALLOWED_CONTEXT_KEYS` there in sync with the `LogContext` interface in `src/types.ts`.
+---
+## Branching Strategy
+This package follows a **Dirty Trunk** repo structure to enable fast, continuous integration.
+### Trunk (Main Branch)
+- **`master`** is the trunk where all development merges.
+- Trunk may contain work-in-progress code and is not guaranteed to be in a release-ready state at all times.
+### Feature Branches
+- Use short-lived branches for features or fixes:
+  - Naming convention: `feature/<feature-name>` or `bugfix/<issue-description>`.
+- Merge into `master` frequently to avoid long-lived branches and reduce conflicts.
+- Use squash merges to keep the history clean.
+### Release Branches
+- Create `release/x.y.z` branches from `master` when ready to stabilize for a release.
+- Only bug fixes and release preparation changes go into the release branch.
+- After release, merge back into `master` and tag with the version.
+### Hotfixes
+- Create `hotfix/x.y.z` branches from the latest tagged release.
+- Merge back into `master` and the active release branch.
+---
+## Managing CI/CD
+This package uses Bitbucket Pipelines for testing and publishing:
+- **Branch Tests**: Automated build and test run on all branches (`feature`, `bugfix`, `release`, `hotfix`).
+- **Publishing**: npm releases are triggered manually via the `npm-publish` custom pipeline in Bitbucket.
+- **Versioning**: Uses semantic versioning:
+  - Increment minor versions on releases.
+  - Increment patch versions for hotfixes.
+### Publishing a new version
+1. Update the version in `package.json` (`npm version minor` / `npm version patch`) on the release or hotfix branch.
+2. Push the branch and tag.
+3. In Bitbucket, run the `npm-publish` custom pipeline from the release/hotfix branch. Requires `NPM_TOKEN` to be set as a Repository Variable.
+---
+## Consumers
+- **gli-payload-multitenant**: hosts the `/api/log-error` endpoint via the `payload-endpoint` subpath. Server-only.
+- **storage-theme-payload**: Tier 1 + 2 retrofit (Phase 3 of WEB-1413). Wraps the app root with `<ErrorBoundary>` and calls `initLogger` + `installGlobalHandlers`; explicit `logError(...)` at high-value catch paths (SE rate-limiter, tenantInfo, form submission).
+- **unit-table**: Tier 1 + 2 retrofit (Phase 5 of WEB-1413). Augments the existing widget ErrorBoundary; does NOT install global handlers (the host page owns those).
+- Future consumers: `reservation-app`, `rental-app`, `npm-golocal-cloud-wrapper`.
+See the WEB-1413 design doc in `gli-payload-multitenant/docs/plans/2026-05-05-web-1413-error-logger-design.md` for the full rollout plan.

package/dist/chunk-EKIOMBUO.mjs ADDED Viewed

@@ -0,0 +1,282 @@
+// src/context.ts
+var current = {};
+var isBrowser = () => typeof window !== "undefined";
+function setLogContext(patch) {
+  if (!isBrowser()) return;
+  current = { ...current, ...patch };
+}
+function getLogContext() {
+  if (!isBrowser()) return {};
+  return { ...current };
+}
+function withLogContext(scope, fn) {
+  if (!isBrowser()) return fn();
+  const prior = current;
+  current = { ...current, ...scope };
+  try {
+    return fn();
+  } finally {
+    current = prior;
+  }
+}
+// src/initLogger.ts
+var config = null;
+function initLogger(cfg) {
+  if (!cfg?.endpoint) throw new Error("initLogger: endpoint is required");
+  if (!cfg?.repo) throw new Error("initLogger: repo is required");
+  config = { ...cfg };
+}
+function _getConfig() {
+  return config;
+}
+// src/severity.ts
+function getDefaultSeverity(reason) {
+  if (!reason) return "error";
+  switch (reason) {
+    // user-recoverable / expected-flow signals
+    case "validation_error":
+    case "payment_declined":
+    case "invalid_payment_option":
+    case "unit_list_empty":
+    case "expected_data_missing":
+    case "cache_stale":
+    case "promotion_not_found":
+      return "warning";
+    // informational
+    case "session_expired":
+      return "info";
+    // everything else (network failures, unauthorized, not-founds we couldn't
+    // recover from, hook/scraper/build failures, unhandled exceptions) — the
+    // user is blocked, treat as error
+    default:
+      return "error";
+  }
+}
+// src/fingerprint.ts
+function fingerprint(source, message, stack, reason) {
+  const topFrame = stack.split("\n", 2)[0] ?? "";
+  const reasonPart = reason ?? "";
+  const input = `${source}|${message}|${topFrame}|${reasonPart}`;
+  let hash = 5381;
+  for (let i = 0; i < input.length; i++) {
+    hash = (hash << 5) + hash + input.charCodeAt(i);
+    hash |= 0;
+  }
+  return (hash >>> 0).toString(16);
+}
+// src/throttle.ts
+function createThrottle(opts) {
+  const lastEmittedAt = /* @__PURE__ */ new Map();
+  return {
+    shouldEmit(fingerprint2) {
+      const now = Date.now();
+      const last = lastEmittedAt.get(fingerprint2);
+      if (last !== void 0 && now - last < opts.windowMs) return false;
+      lastEmittedAt.set(fingerprint2, now);
+      return true;
+    }
+  };
+}
+// src/batch.ts
+function createBatcher(opts) {
+  let queue = [];
+  let timer = null;
+  async function flush() {
+    if (timer) {
+      clearTimeout(timer);
+      timer = null;
+    }
+    if (queue.length === 0) return;
+    const drained = queue;
+    queue = [];
+    await opts.onFlush(drained);
+  }
+  return {
+    enqueue(item) {
+      queue.push(item);
+      if (queue.length >= opts.maxQueueLength) {
+        void flush();
+        return;
+      }
+      if (timer === null) {
+        timer = setTimeout(() => {
+          void flush();
+        }, opts.flushMs);
+      }
+    },
+    flushOnce: flush
+  };
+}
+// src/circuitBreaker.ts
+function createCircuitBreaker(opts) {
+  let failures = [];
+  let openUntil = 0;
+  return {
+    canTransmit() {
+      return Date.now() >= openUntil;
+    },
+    recordFailure() {
+      const now = Date.now();
+      failures = failures.filter((t) => now - t < opts.failureWindowMs);
+      failures.push(now);
+      if (failures.length >= opts.failureThreshold) {
+        openUntil = now + opts.openMs;
+        failures = [];
+      }
+    },
+    recordSuccess() {
+      failures = [];
+    }
+  };
+}
+// src/recaptcha.ts
+async function acquireRecaptchaToken(siteKey, action) {
+  const g = typeof globalThis !== "undefined" ? globalThis.grecaptcha : void 0;
+  if (!g?.enterprise) return null;
+  try {
+    await new Promise((resolve) => g.enterprise.ready(resolve));
+    return await g.enterprise.execute(siteKey, { action });
+  } catch {
+    return null;
+  }
+}
+// src/transport.ts
+function isBrowser2() {
+  return typeof window !== "undefined";
+}
+async function postFromBrowser(endpoint, request) {
+  try {
+    const res = await fetch(endpoint, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify(request),
+      keepalive: true
+    });
+    return { ok: res.ok, status: res.status };
+  } catch {
+    return { ok: false, status: 0 };
+  }
+}
+async function postFromServer(payloadBaseUrl, apiKey, events) {
+  let lastStatus = 0;
+  for (const event of events) {
+    try {
+      const res = await fetch(`${payloadBaseUrl}/cms/api/issue-events`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `users API-Key ${apiKey}`
+        },
+        body: JSON.stringify(event)
+      });
+      lastStatus = res.status;
+      if (!res.ok) return { ok: false, status: res.status };
+    } catch {
+      return { ok: false, status: 0 };
+    }
+  }
+  return { ok: true, status: lastStatus };
+}
+// src/logError.ts
+var throttle = createThrottle({ windowMs: 5e3 });
+var breaker = createCircuitBreaker({
+  failureThreshold: 3,
+  failureWindowMs: 3e4,
+  openMs: 6e4
+});
+var batcher = null;
+function getBatcher() {
+  if (batcher) return batcher;
+  batcher = createBatcher({
+    flushMs: 3e3,
+    maxQueueLength: 10,
+    onFlush: async (events) => {
+      const cfg = _getConfig();
+      if (!cfg) return;
+      if (!breaker.canTransmit()) return;
+      const rcToken = cfg.recaptchaSiteKey ? await acquireRecaptchaToken(cfg.recaptchaSiteKey, cfg.recaptchaAction ?? "log_error") : null;
+      const result = await postFromBrowser(cfg.endpoint, { events, rcToken });
+      if (result.ok) breaker.recordSuccess();
+      else if (result.status >= 500 || result.status === 0) breaker.recordFailure();
+    }
+  });
+  return batcher;
+}
+function safePageUrl() {
+  if (!isBrowser2()) return "";
+  try {
+    const parsed = new URL(window.location.href);
+    return parsed.origin + parsed.pathname;
+  } catch {
+    return "";
+  }
+}
+function buildEvent(err, opts) {
+  const cfg = _getConfig();
+  if (!cfg) return null;
+  const message = err instanceof Error ? err.message : String(err);
+  const stack = err instanceof Error && err.stack ? err.stack : "";
+  const ambient = getLogContext();
+  const source = opts?.source ?? ambient.source ?? cfg.defaultSource ?? "theme";
+  const reason = opts?.reason;
+  const severity = opts?.severity ?? getDefaultSeverity(reason);
+  const fp = fingerprint(source, message, stack, reason);
+  const userAgent = isBrowser2() && typeof navigator !== "undefined" ? navigator.userAgent : "";
+  return {
+    source,
+    repo: cfg.repo,
+    severity,
+    fingerprint: fp,
+    message: message.slice(0, 500),
+    stack: stack.slice(0, 1e4),
+    context: { ...ambient, ...opts?.context ?? {} },
+    url: safePageUrl(),
+    userAgent,
+    occurredAt: (/* @__PURE__ */ new Date()).toISOString(),
+    release: cfg.release,
+    reason
+  };
+}
+function logError(err, opts) {
+  try {
+    const event = buildEvent(err, opts);
+    if (!event) return;
+    if (!throttle.shouldEmit(event.fingerprint)) return;
+    if (isBrowser2()) {
+      getBatcher().enqueue(event);
+    } else {
+      const cfg = _getConfig();
+      if (!cfg) return;
+      const apiKey = process.env.TENANT_API_KEY ?? process.env.PAYLOAD_PUBLIC_API_KEY;
+      const baseUrl = process.env.PAYLOAD_PUBLIC_URL;
+      if (!apiKey || !baseUrl) return;
+      void postFromServer(baseUrl, apiKey, [event]).catch(() => {
+      });
+    }
+  } catch {
+  }
+}
+function flushPending() {
+  if (!batcher) return Promise.resolve();
+  return batcher.flushOnce();
+}
+export {
+  setLogContext,
+  getLogContext,
+  withLogContext,
+  initLogger,
+  getDefaultSeverity,
+  logError,
+  flushPending
+};
+//# sourceMappingURL=chunk-EKIOMBUO.mjs.map

package/dist/chunk-EKIOMBUO.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/context.ts","../src/initLogger.ts","../src/severity.ts","../src/fingerprint.ts","../src/throttle.ts","../src/batch.ts","../src/circuitBreaker.ts","../src/recaptcha.ts","../src/transport.ts","../src/logError.ts"],"sourcesContent":["/**\n * @fileoverview Ambient log context store — browser-only.\n *\n * On the browser the module-level `current` object is a per-tab singleton, the\n * scope we want. On Node (SSR), the same module is shared across every\n * incoming request running in the process, so writing to `current` in one\n * request would leak that context into other requests' error events. To stay\n * safe, all three functions no-op (or return `{}`) when there is no `window`.\n *\n * **Server callers must pass context explicitly** via the `opts.context`\n * parameter on `logError`, which is merged into the event regardless of the\n * ambient state.\n */\nimport type { LogContext } from \"./types\";\n\nlet current: LogContext = {};\n\nconst isBrowser = (): boolean => typeof window !== \"undefined\";\n\n/**\n * Add or overwrite keys in the ambient log context. Existing keys you don't\n * pass are preserved; keys you do pass replace existing values (no deep merge).\n *\n * Call at meaningful UX boundaries (page mount, step change, modal open) so\n * later errors automatically pick up the relevant context.\n *\n * No-op on the server — see file-level note above.\n */\nexport function setLogContext(patch: LogContext): void {\n if (!isBrowser()) return;\n current = { ...current, ...patch };\n}\n\n/**\n * Return a copy of the current ambient log context. Used by `logError` to\n * attach context to outgoing events.\n *\n * Returns `{}` on the server — see file-level note above.\n */\nexport function getLogContext(): LogContext {\n if (!isBrowser()) return {};\n return { ...current };\n}\n\n/**\n * Run `fn` with extra context keys layered on top of the ambient context, then\n * put the original context back — even if `fn` throws.\n *\n * Use this when the extra keys should only apply to one synchronous operation\n * and not leak into anything that runs afterwards.\n *\n * On the server `fn` runs without any ambient mutation — see file-level note above.\n */\nexport function withLogContext<T>(scope: LogContext, fn: () => T): T {\n if (!isBrowser()) return fn();\n const prior = current;\n current = { ...current, ...scope };\n try {\n return fn();\n } finally {\n current = prior;\n }\n}\n\n/** @internal — test-only */\nexport function _resetForTests(): void {\n current = {};\n}\n","import type { InitLoggerConfig } from \"./types\";\n\nlet config: InitLoggerConfig | null = null;\n\n/**\n * Set up the logger. Call once at app startup.\n *\n * Required fields: `endpoint` (where the browser sends events) and `repo`\n * (stamped on every event). Optional: `release`, `recaptchaSiteKey`,\n * `recaptchaAction`, `defaultSource`. Throws if a required field is missing\n * so misconfiguration is loud at startup instead of silently dropping events.\n */\nexport function initLogger(cfg: InitLoggerConfig): void {\n if (!cfg?.endpoint) throw new Error(\"initLogger: endpoint is required\");\n if (!cfg?.repo) throw new Error(\"initLogger: repo is required\");\n config = { ...cfg };\n}\n\n/** @internal — read the current config; returns null before `initLogger` runs. */\nexport function _getConfig(): InitLoggerConfig | null {\n return config;\n}\n\n/** @internal — test-only */\nexport function _resetForTests(): void {\n config = null;\n}\n","import type { Reason, Severity } from \"./types\";\n\n/**\n * Map a `Reason` to its default `Severity` when the caller hasn't passed\n * one explicitly.\n *\n * Convention:\n * - `error` — blocks the user / unrecoverable / 5xx upstream\n * - `warning` — recoverable, user-facing flow signal (validation,\n * declined card, soft-assert empty result)\n * - `info` — informational signal (`session_expired`)\n *\n * Wire this into integration points (e.g. the RTK Query error middleware)\n * so individual call sites don't have to think about severity unless they\n * want to override the default.\n */\nexport function getDefaultSeverity(reason?: Reason): Severity {\n if (!reason) return \"error\";\n\n switch (reason) {\n // user-recoverable / expected-flow signals\n case \"validation_error\":\n case \"payment_declined\":\n case \"invalid_payment_option\":\n case \"unit_list_empty\":\n case \"expected_data_missing\":\n case \"cache_stale\":\n case \"promotion_not_found\":\n return \"warning\";\n\n // informational\n case \"session_expired\":\n return \"info\";\n\n // everything else (network failures, unauthorized, not-founds we couldn't\n // recover from, hook/scraper/build failures, unhandled exceptions) — the\n // user is blocked, treat as error\n default:\n return \"error\";\n }\n}\n","/**\n * Compute a short stable hash that identifies \"the same bug\" across occurrences.\n * Used by the dedup hook to find-or-create the parent `Issues` row.\n *\n * Only the top frame of the stack is hashed so a bug fired from the same place\n * groups together even if surrounding code paths differ. Returned as a hex\n * string just to keep it compact; we just need stable grouping, not security.\n *\n * `reason` is included so the same code path failing for different reasons\n * (e.g. `invalid_cvv` vs `gateway_decline` at the payment step) becomes two\n * separate Issues. An empty / omitted reason hashes the same as `\"\"`, so\n * existing 3-arg callers stay compatible.\n */\nexport function fingerprint(\n source: string,\n message: string,\n stack: string,\n reason?: string,\n): string {\n const topFrame = stack.split(\"\\n\", 2)[0] ?? \"\";\n const reasonPart = reason ?? \"\";\n const input = `${source}|${message}|${topFrame}|${reasonPart}`;\n let hash = 5381;\n for (let i = 0; i < input.length; i++) {\n hash = ((hash << 5) + hash) + input.charCodeAt(i);\n hash |= 0;\n }\n return (hash >>> 0).toString(16);\n}\n","/** Throttle that decides whether a given fingerprint should be sent right now. */\nexport interface Throttle {\n shouldEmit(fingerprint: string): boolean;\n}\n\n/**\n * Returns a throttle that lets the first occurrence of each fingerprint through\n * and silently drops repeats until `windowMs` passes. Stops a bug firing in a\n * tight loop from flooding the CMS.\n */\nexport function createThrottle(opts: { windowMs: number }): Throttle {\n const lastEmittedAt = new Map<string, number>();\n return {\n shouldEmit(fingerprint: string): boolean {\n const now = Date.now();\n const last = lastEmittedAt.get(fingerprint);\n if (last !== undefined && now - last < opts.windowMs) return false;\n lastEmittedAt.set(fingerprint, now);\n return true;\n },\n };\n}\n","/** A buffer that collects items and flushes them in groups. */\nexport interface Batcher<T> {\n enqueue(item: T): void;\n flushOnce(): Promise<void>;\n}\n\nexport interface BatcherOptions<T> {\n /** Auto-flush this many ms after the first item is enqueued. */\n flushMs: number;\n /** Flush right away once the queue reaches this length. */\n maxQueueLength: number;\n /** Called with the queued items when the batch flushes. */\n onFlush: (events: T[]) => void | Promise<void>;\n}\n\n/**\n * Returns a buffer that flushes when either the time limit or the size limit\n * is reached, whichever comes first. `flushOnce()` empties the queue right\n * away on demand. Lets us send a batch of events in one HTTP request instead\n * of one request per event.\n */\nexport function createBatcher<T>(opts: BatcherOptions<T>): Batcher<T> {\n let queue: T[] = [];\n let timer: ReturnType<typeof setTimeout> | null = null;\n\n async function flush(): Promise<void> {\n if (timer) { clearTimeout(timer); timer = null; }\n if (queue.length === 0) return;\n const drained = queue;\n queue = [];\n await opts.onFlush(drained);\n }\n\n return {\n enqueue(item: T): void {\n queue.push(item);\n if (queue.length >= opts.maxQueueLength) {\n void flush();\n return;\n }\n if (timer === null) {\n timer = setTimeout(() => { void flush(); }, opts.flushMs);\n }\n },\n flushOnce: flush,\n };\n}\n","/** Tracks whether a flaky downstream call should currently be attempted. */\nexport interface CircuitBreaker {\n canTransmit(): boolean;\n recordFailure(): void;\n recordSuccess(): void;\n}\n\nexport interface CircuitBreakerOptions {\n /** Number of recent failures that \"trips\" the breaker (stops sending). */\n failureThreshold: number;\n /** How far back to look when counting failures, in ms. */\n failureWindowMs: number;\n /** Once tripped, how long to wait before allowing sends again. */\n openMs: number;\n}\n\n/**\n * Returns a circuit breaker. After `failureThreshold` failures within\n * `failureWindowMs`, it stops allowing sends for `openMs`, then automatically\n * starts allowing them again.\n *\n * Used by `logError` to back off when the endpoint is failing, so we don't\n * keep hammering a struggling CMS.\n */\nexport function createCircuitBreaker(opts: CircuitBreakerOptions): CircuitBreaker {\n let failures: number[] = [];\n let openUntil = 0;\n\n return {\n canTransmit(): boolean {\n return Date.now() >= openUntil;\n },\n recordFailure(): void {\n const now = Date.now();\n failures = failures.filter((t) => now - t < opts.failureWindowMs);\n failures.push(now);\n if (failures.length >= opts.failureThreshold) {\n openUntil = now + opts.openMs;\n failures = [];\n }\n },\n recordSuccess(): void {\n failures = [];\n },\n };\n}\n","interface GrecaptchaEnterprise {\n ready: (cb: () => void) => void;\n execute: (siteKey: string, opts: { action: string }) => Promise<string>;\n}\n\ninterface GrecaptchaGlobal {\n enterprise: GrecaptchaEnterprise;\n}\n\ndeclare global {\n // eslint-disable-next-line no-var\n var grecaptcha: GrecaptchaGlobal | undefined;\n}\n\n/**\n * Acquire a reCAPTCHA Enterprise v3 token from the browser SDK.\n *\n * Returns null if the SDK isn't loaded yet (e.g. on the server, or before\n * `https://www.google.com/recaptcha/enterprise.js` finishes loading) or if\n * `execute` rejects. Never throws.\n */\nexport async function acquireRecaptchaToken(\n siteKey: string,\n action: string,\n): Promise<string | null> {\n const g = typeof globalThis !== \"undefined\" ? globalThis.grecaptcha : undefined;\n if (!g?.enterprise) return null;\n try {\n await new Promise<void>((resolve) => g.enterprise.ready(resolve));\n return await g.enterprise.execute(siteKey, { action });\n } catch {\n return null;\n }\n}\n","import type { LogEvent } from \"./types\";\n\nexport interface TransportRequest {\n events: LogEvent[];\n rcToken: string | null;\n}\n\nexport interface TransportResult {\n ok: boolean;\n status: number;\n}\n\n/** Detects whether we're in a browser-like environment (has window). */\nexport function isBrowser(): boolean {\n return typeof window !== \"undefined\";\n}\n\n/** Browser POST: cross-origin to the configured endpoint, no credentials. */\nexport async function postFromBrowser(\n endpoint: string,\n request: TransportRequest,\n): Promise<TransportResult> {\n try {\n const res = await fetch(endpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify(request),\n keepalive: true,\n });\n return { ok: res.ok, status: res.status };\n } catch {\n return { ok: false, status: 0 };\n }\n}\n\n/**\n * Server POST: writes events directly to Payload's REST API for the IssueEvents collection.\n * Each event becomes one POST (the dedup hook on IssueEvents handles aggregation into Issues).\n *\n * `payloadBaseUrl` should be e.g. `https://payloadstorage.golocaldev.com` (no `/cms` suffix —\n * we append `/cms/api/issue-events` per the existing tenantInfo.ts convention).\n */\nexport async function postFromServer(\n payloadBaseUrl: string,\n apiKey: string,\n events: LogEvent[],\n): Promise<TransportResult> {\n let lastStatus = 0;\n for (const event of events) {\n try {\n const res = await fetch(`${payloadBaseUrl}/cms/api/issue-events`, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n Authorization: `users API-Key ${apiKey}`,\n },\n body: JSON.stringify(event),\n });\n lastStatus = res.status;\n if (!res.ok) return { ok: false, status: res.status };\n } catch {\n return { ok: false, status: 0 };\n }\n }\n return { ok: true, status: lastStatus };\n}\n","import { _getConfig } from \"./initLogger\";\nimport { fingerprint } from \"./fingerprint\";\nimport { getLogContext } from \"./context\";\nimport { createThrottle } from \"./throttle\";\nimport { createBatcher } from \"./batch\";\nimport { createCircuitBreaker } from \"./circuitBreaker\";\nimport { acquireRecaptchaToken } from \"./recaptcha\";\nimport { getDefaultSeverity } from \"./severity\";\nimport { isBrowser, postFromBrowser, postFromServer } from \"./transport\";\nimport type { LogErrorOptions, LogEvent, Source, Severity } from \"./types\";\n\nconst throttle = createThrottle({ windowMs: 5_000 });\nconst breaker = createCircuitBreaker({\n failureThreshold: 3,\n failureWindowMs: 30_000,\n openMs: 60_000,\n});\n\nlet batcher: ReturnType<typeof createBatcher<LogEvent>> | null = null;\n\nfunction getBatcher(): ReturnType<typeof createBatcher<LogEvent>> {\n if (batcher) return batcher;\n batcher = createBatcher<LogEvent>({\n flushMs: 3_000,\n maxQueueLength: 10,\n onFlush: async (events) => {\n const cfg = _getConfig();\n if (!cfg) return;\n if (!breaker.canTransmit()) return;\n\n const rcToken = cfg.recaptchaSiteKey\n ? await acquireRecaptchaToken(cfg.recaptchaSiteKey, cfg.recaptchaAction ?? \"log_error\")\n : null;\n\n const result = await postFromBrowser(cfg.endpoint, { events, rcToken });\n if (result.ok) breaker.recordSuccess();\n else if (result.status >= 500 || result.status === 0) breaker.recordFailure();\n },\n });\n return batcher;\n}\n\n/**\n * Strip query string and hash from the current URL before logging it.\n *\n * **Why.** The PII contract says we don't accept user data into the pipeline.\n * Query strings can carry tokens, emails, or other inputs (e.g. `?email=…`\n * from a magic-link flow); the fragment can carry routing state that includes\n * the same. Path is enough to identify *which page* the bug fired on.\n */\nfunction safePageUrl(): string {\n if (!isBrowser()) return \"\";\n try {\n const parsed = new URL(window.location.href);\n return parsed.origin + parsed.pathname;\n } catch {\n return \"\";\n }\n}\n\nfunction buildEvent(\n err: Error | string | number | boolean | null | undefined,\n opts?: LogErrorOptions,\n): LogEvent | null {\n const cfg = _getConfig();\n if (!cfg) return null;\n\n const message = err instanceof Error ? err.message : String(err);\n const stack = err instanceof Error && err.stack ? err.stack : \"\";\n const ambient = getLogContext();\n const source: Source = opts?.source ?? ambient.source ?? cfg.defaultSource ?? \"theme\";\n const reason = opts?.reason;\n const severity: Severity = opts?.severity ?? getDefaultSeverity(reason);\n const fp = fingerprint(source, message, stack, reason);\n\n const userAgent =\n isBrowser() && typeof navigator !== \"undefined\" ? navigator.userAgent : \"\";\n\n return {\n source,\n repo: cfg.repo,\n severity,\n fingerprint: fp,\n message: message.slice(0, 500),\n stack: stack.slice(0, 10_000),\n context: { ...ambient, ...(opts?.context ?? {}) },\n url: safePageUrl(),\n userAgent,\n occurredAt: new Date().toISOString(),\n release: cfg.release,\n reason,\n };\n}\n\n/**\n * Capture an error and route it to the CMS.\n *\n * Browser path: throttle → batch → cross-origin POST (with reCAPTCHA token).\n * Server path: throttle → direct POST to Payload's REST API per event.\n *\n * Internal failures never throw — silently degraded so the logger can't break callers.\n *\n * `err` covers the realistic set of thrown values (Error, primitives). For the\n * rare case of throwing a plain object literal, callers should wrap in an Error\n * before passing — e.g. `logError(new Error(JSON.stringify(thing)))`.\n */\nexport function logError(\n err: Error | string | number | boolean | null | undefined,\n opts?: LogErrorOptions,\n): void {\n try {\n const event = buildEvent(err, opts);\n if (!event) return;\n if (!throttle.shouldEmit(event.fingerprint)) return;\n\n if (isBrowser()) {\n getBatcher().enqueue(event);\n } else {\n // Server path: synchronous-ish; we still fire-and-forget but don't batch.\n const cfg = _getConfig();\n if (!cfg) return;\n const apiKey = process.env.TENANT_API_KEY ?? process.env.PAYLOAD_PUBLIC_API_KEY;\n const baseUrl = process.env.PAYLOAD_PUBLIC_URL;\n if (!apiKey || !baseUrl) return;\n void postFromServer(baseUrl, apiKey, [event]).catch(() => {\n /* swallow — cascade guard */\n });\n }\n } catch {\n /* cascade guard: never throw from the logger itself */\n }\n}\n\n/**\n * Drain any queued (but not-yet-flushed) browser events right now. Called from\n * the `pagehide` global handler so a user closing the tab between time-based\n * flushes doesn't drop their queued errors.\n *\n * No-op when no batcher has been lazily initialized yet (nothing was queued).\n */\nexport function flushPending(): Promise<void> {\n if (!batcher) return Promise.resolve();\n return batcher.flushOnce();\n}\n\n/** @internal — test-only: reset batcher state between tests */\nexport function _resetForTests(): void {\n batcher = null;\n}\n"],"mappings":";AAeA,IAAI,UAAsB,CAAC;AAE3B,IAAM,YAAY,MAAe,OAAO,WAAW;AAW5C,SAAS,cAAc,OAAyB;AACrD,MAAI,CAAC,UAAU,EAAG;AAClB,YAAU,EAAE,GAAG,SAAS,GAAG,MAAM;AACnC;AAQO,SAAS,gBAA4B;AAC1C,MAAI,CAAC,UAAU,EAAG,QAAO,CAAC;AAC1B,SAAO,EAAE,GAAG,QAAQ;AACtB;AAWO,SAAS,eAAkB,OAAmB,IAAgB;AACnE,MAAI,CAAC,UAAU,EAAG,QAAO,GAAG;AAC5B,QAAM,QAAQ;AACd,YAAU,EAAE,GAAG,SAAS,GAAG,MAAM;AACjC,MAAI;AACF,WAAO,GAAG;AAAA,EACZ,UAAE;AACA,cAAU;AAAA,EACZ;AACF;;;AC5DA,IAAI,SAAkC;AAU/B,SAAS,WAAW,KAA6B;AACtD,MAAI,CAAC,KAAK,SAAU,OAAM,IAAI,MAAM,kCAAkC;AACtE,MAAI,CAAC,KAAK,KAAM,OAAM,IAAI,MAAM,8BAA8B;AAC9D,WAAS,EAAE,GAAG,IAAI;AACpB;AAGO,SAAS,aAAsC;AACpD,SAAO;AACT;;;ACLO,SAAS,mBAAmB,QAA2B;AAC5D,MAAI,CAAC,OAAQ,QAAO;AAEpB,UAAQ,QAAQ;AAAA;AAAA,IAEd,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AACH,aAAO;AAAA;AAAA,IAGT,KAAK;AACH,aAAO;AAAA;AAAA;AAAA;AAAA,IAKT;AACE,aAAO;AAAA,EACX;AACF;;;AC3BO,SAAS,YACd,QACA,SACA,OACA,QACQ;AACR,QAAM,WAAW,MAAM,MAAM,MAAM,CAAC,EAAE,CAAC,KAAK;AAC5C,QAAM,aAAa,UAAU;AAC7B,QAAM,QAAQ,GAAG,MAAM,IAAI,OAAO,IAAI,QAAQ,IAAI,UAAU;AAC5D,MAAI,OAAO;AACX,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,YAAS,QAAQ,KAAK,OAAQ,MAAM,WAAW,CAAC;AAChD,YAAQ;AAAA,EACV;AACA,UAAQ,SAAS,GAAG,SAAS,EAAE;AACjC;;;AClBO,SAAS,eAAe,MAAsC;AACnE,QAAM,gBAAgB,oBAAI,IAAoB;AAC9C,SAAO;AAAA,IACL,WAAWA,cAA8B;AACvC,YAAM,MAAM,KAAK,IAAI;AACrB,YAAM,OAAO,cAAc,IAAIA,YAAW;AAC1C,UAAI,SAAS,UAAa,MAAM,OAAO,KAAK,SAAU,QAAO;AAC7D,oBAAc,IAAIA,cAAa,GAAG;AAClC,aAAO;AAAA,IACT;AAAA,EACF;AACF;;;ACAO,SAAS,cAAiB,MAAqC;AACpE,MAAI,QAAa,CAAC;AAClB,MAAI,QAA8C;AAElD,iBAAe,QAAuB;AACpC,QAAI,OAAO;AAAE,mBAAa,KAAK;AAAG,cAAQ;AAAA,IAAM;AAChD,QAAI,MAAM,WAAW,EAAG;AACxB,UAAM,UAAU;AAChB,YAAQ,CAAC;AACT,UAAM,KAAK,QAAQ,OAAO;AAAA,EAC5B;AAEA,SAAO;AAAA,IACL,QAAQ,MAAe;AACrB,YAAM,KAAK,IAAI;AACf,UAAI,MAAM,UAAU,KAAK,gBAAgB;AACvC,aAAK,MAAM;AACX;AAAA,MACF;AACA,UAAI,UAAU,MAAM;AAClB,gBAAQ,WAAW,MAAM;AAAE,eAAK,MAAM;AAAA,QAAG,GAAG,KAAK,OAAO;AAAA,MAC1D;AAAA,IACF;AAAA,IACA,WAAW;AAAA,EACb;AACF;;;ACtBO,SAAS,qBAAqB,MAA6C;AAChF,MAAI,WAAqB,CAAC;AAC1B,MAAI,YAAY;AAEhB,SAAO;AAAA,IACL,cAAuB;AACrB,aAAO,KAAK,IAAI,KAAK;AAAA,IACvB;AAAA,IACA,gBAAsB;AACpB,YAAM,MAAM,KAAK,IAAI;AACrB,iBAAW,SAAS,OAAO,CAAC,MAAM,MAAM,IAAI,KAAK,eAAe;AAChE,eAAS,KAAK,GAAG;AACjB,UAAI,SAAS,UAAU,KAAK,kBAAkB;AAC5C,oBAAY,MAAM,KAAK;AACvB,mBAAW,CAAC;AAAA,MACd;AAAA,IACF;AAAA,IACA,gBAAsB;AACpB,iBAAW,CAAC;AAAA,IACd;AAAA,EACF;AACF;;;ACxBA,eAAsB,sBACpB,SACA,QACwB;AACxB,QAAM,IAAI,OAAO,eAAe,cAAc,WAAW,aAAa;AACtE,MAAI,CAAC,GAAG,WAAY,QAAO;AAC3B,MAAI;AACF,UAAM,IAAI,QAAc,CAAC,YAAY,EAAE,WAAW,MAAM,OAAO,CAAC;AAChE,WAAO,MAAM,EAAE,WAAW,QAAQ,SAAS,EAAE,OAAO,CAAC;AAAA,EACvD,QAAQ;AACN,WAAO;AAAA,EACT;AACF;;;ACpBO,SAASC,aAAqB;AACnC,SAAO,OAAO,WAAW;AAC3B;AAGA,eAAsB,gBACpB,UACA,SAC0B;AAC1B,MAAI;AACF,UAAM,MAAM,MAAM,MAAM,UAAU;AAAA,MAChC,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,OAAO;AAAA,MAC5B,WAAW;AAAA,IACb,CAAC;AACD,WAAO,EAAE,IAAI,IAAI,IAAI,QAAQ,IAAI,OAAO;AAAA,EAC1C,QAAQ;AACN,WAAO,EAAE,IAAI,OAAO,QAAQ,EAAE;AAAA,EAChC;AACF;AASA,eAAsB,eACpB,gBACA,QACA,QAC0B;AAC1B,MAAI,aAAa;AACjB,aAAW,SAAS,QAAQ;AAC1B,QAAI;AACF,YAAM,MAAM,MAAM,MAAM,GAAG,cAAc,yBAAyB;AAAA,QAChE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,eAAe,iBAAiB,MAAM;AAAA,QACxC;AAAA,QACA,MAAM,KAAK,UAAU,KAAK;AAAA,MAC5B,CAAC;AACD,mBAAa,IAAI;AACjB,UAAI,CAAC,IAAI,GAAI,QAAO,EAAE,IAAI,OAAO,QAAQ,IAAI,OAAO;AAAA,IACtD,QAAQ;AACN,aAAO,EAAE,IAAI,OAAO,QAAQ,EAAE;AAAA,IAChC;AAAA,EACF;AACA,SAAO,EAAE,IAAI,MAAM,QAAQ,WAAW;AACxC;;;ACtDA,IAAM,WAAW,eAAe,EAAE,UAAU,IAAM,CAAC;AACnD,IAAM,UAAU,qBAAqB;AAAA,EACnC,kBAAkB;AAAA,EAClB,iBAAiB;AAAA,EACjB,QAAQ;AACV,CAAC;AAED,IAAI,UAA6D;AAEjE,SAAS,aAAyD;AAChE,MAAI,QAAS,QAAO;AACpB,YAAU,cAAwB;AAAA,IAChC,SAAS;AAAA,IACT,gBAAgB;AAAA,IAChB,SAAS,OAAO,WAAW;AACzB,YAAM,MAAM,WAAW;AACvB,UAAI,CAAC,IAAK;AACV,UAAI,CAAC,QAAQ,YAAY,EAAG;AAE5B,YAAM,UAAU,IAAI,mBAChB,MAAM,sBAAsB,IAAI,kBAAkB,IAAI,mBAAmB,WAAW,IACpF;AAEJ,YAAM,SAAS,MAAM,gBAAgB,IAAI,UAAU,EAAE,QAAQ,QAAQ,CAAC;AACtE,UAAI,OAAO,GAAI,SAAQ,cAAc;AAAA,eAC5B,OAAO,UAAU,OAAO,OAAO,WAAW,EAAG,SAAQ,cAAc;AAAA,IAC9E;AAAA,EACF,CAAC;AACD,SAAO;AACT;AAUA,SAAS,cAAsB;AAC7B,MAAI,CAACC,WAAU,EAAG,QAAO;AACzB,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,OAAO,SAAS,IAAI;AAC3C,WAAO,OAAO,SAAS,OAAO;AAAA,EAChC,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,WACP,KACA,MACiB;AACjB,QAAM,MAAM,WAAW;AACvB,MAAI,CAAC,IAAK,QAAO;AAEjB,QAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC/D,QAAM,QAAQ,eAAe,SAAS,IAAI,QAAQ,IAAI,QAAQ;AAC9D,QAAM,UAAU,cAAc;AAC9B,QAAM,SAAiB,MAAM,UAAU,QAAQ,UAAU,IAAI,iBAAiB;AAC9E,QAAM,SAAS,MAAM;AACrB,QAAM,WAAqB,MAAM,YAAY,mBAAmB,MAAM;AACtE,QAAM,KAAK,YAAY,QAAQ,SAAS,OAAO,MAAM;AAErD,QAAM,YACJA,WAAU,KAAK,OAAO,cAAc,cAAc,UAAU,YAAY;AAE1E,SAAO;AAAA,IACL;AAAA,IACA,MAAM,IAAI;AAAA,IACV;AAAA,IACA,aAAa;AAAA,IACb,SAAS,QAAQ,MAAM,GAAG,GAAG;AAAA,IAC7B,OAAO,MAAM,MAAM,GAAG,GAAM;AAAA,IAC5B,SAAS,EAAE,GAAG,SAAS,GAAI,MAAM,WAAW,CAAC,EAAG;AAAA,IAChD,KAAK,YAAY;AAAA,IACjB;AAAA,IACA,aAAY,oBAAI,KAAK,GAAE,YAAY;AAAA,IACnC,SAAS,IAAI;AAAA,IACb;AAAA,EACF;AACF;AAcO,SAAS,SACd,KACA,MACM;AACN,MAAI;AACF,UAAM,QAAQ,WAAW,KAAK,IAAI;AAClC,QAAI,CAAC,MAAO;AACZ,QAAI,CAAC,SAAS,WAAW,MAAM,WAAW,EAAG;AAE7C,QAAIA,WAAU,GAAG;AACf,iBAAW,EAAE,QAAQ,KAAK;AAAA,IAC5B,OAAO;AAEL,YAAM,MAAM,WAAW;AACvB,UAAI,CAAC,IAAK;AACV,YAAM,SAAS,QAAQ,IAAI,kBAAkB,QAAQ,IAAI;AACzD,YAAM,UAAU,QAAQ,IAAI;AAC5B,UAAI,CAAC,UAAU,CAAC,QAAS;AACzB,WAAK,eAAe,SAAS,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,MAAM;AAAA,MAE1D,CAAC;AAAA,IACH;AAAA,EACF,QAAQ;AAAA,EAER;AACF;AASO,SAAS,eAA8B;AAC5C,MAAI,CAAC,QAAS,QAAO,QAAQ,QAAQ;AACrC,SAAO,QAAQ,UAAU;AAC3B;","names":["fingerprint","isBrowser","isBrowser"]}

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,99 @@
+import { L as LogContext, I as InitLoggerConfig, a as LogErrorOptions, R as Reason, S as Severity } from './types-BLz-TUBl.cjs';
+export { b as LogChargeLine, c as LogEvent, d as Repo, e as Source } from './types-BLz-TUBl.cjs';
+/**
+ * @fileoverview Ambient log context store — browser-only.
+ *
+ * On the browser the module-level `current` object is a per-tab singleton, the
+ * scope we want. On Node (SSR), the same module is shared across every
+ * incoming request running in the process, so writing to `current` in one
+ * request would leak that context into other requests' error events. To stay
+ * safe, all three functions no-op (or return `{}`) when there is no `window`.
+ *
+ * **Server callers must pass context explicitly** via the `opts.context`
+ * parameter on `logError`, which is merged into the event regardless of the
+ * ambient state.
+ */
+/**
+ * Add or overwrite keys in the ambient log context. Existing keys you don't
+ * pass are preserved; keys you do pass replace existing values (no deep merge).
+ *
+ * Call at meaningful UX boundaries (page mount, step change, modal open) so
+ * later errors automatically pick up the relevant context.
+ *
+ * No-op on the server — see file-level note above.
+ */
+declare function setLogContext(patch: LogContext): void;
+/**
+ * Return a copy of the current ambient log context. Used by `logError` to
+ * attach context to outgoing events.
+ *
+ * Returns `{}` on the server — see file-level note above.
+ */
+declare function getLogContext(): LogContext;
+/**
+ * Run `fn` with extra context keys layered on top of the ambient context, then
+ * put the original context back — even if `fn` throws.
+ *
+ * Use this when the extra keys should only apply to one synchronous operation
+ * and not leak into anything that runs afterwards.
+ *
+ * On the server `fn` runs without any ambient mutation — see file-level note above.
+ */
+declare function withLogContext<T>(scope: LogContext, fn: () => T): T;
+/**
+ * Set up the logger. Call once at app startup.
+ *
+ * Required fields: `endpoint` (where the browser sends events) and `repo`
+ * (stamped on every event). Optional: `release`, `recaptchaSiteKey`,
+ * `recaptchaAction`, `defaultSource`. Throws if a required field is missing
+ * so misconfiguration is loud at startup instead of silently dropping events.
+ */
+declare function initLogger(cfg: InitLoggerConfig): void;
+/**
+ * Capture an error and route it to the CMS.
+ *
+ * Browser path: throttle → batch → cross-origin POST (with reCAPTCHA token).
+ * Server path: throttle → direct POST to Payload's REST API per event.
+ *
+ * Internal failures never throw — silently degraded so the logger can't break callers.
+ *
+ * `err` covers the realistic set of thrown values (Error, primitives). For the
+ * rare case of throwing a plain object literal, callers should wrap in an Error
+ * before passing — e.g. `logError(new Error(JSON.stringify(thing)))`.
+ */
+declare function logError(err: Error | string | number | boolean | null | undefined, opts?: LogErrorOptions): void;
+declare global {
+    var __errorLoggerHandlersInstalled__: boolean | undefined;
+}
+/**
+ * Install browser-global error capture (window.onerror + unhandledrejection)
+ * plus a `pagehide` listener that flushes any queued events before unload.
+ *
+ * Idempotent: a `globalThis` sentinel ensures repeated calls do not re-install.
+ * Only the host page should call this — widgets embedded in the host inherit
+ * coverage automatically because errors bubble to page-level listeners.
+ */
+declare function installGlobalHandlers(): void;
+/**
+ * Map a `Reason` to its default `Severity` when the caller hasn't passed
+ * one explicitly.
+ *
+ * Convention:
+ *   - `error`   — blocks the user / unrecoverable / 5xx upstream
+ *   - `warning` — recoverable, user-facing flow signal (validation,
+ *                 declined card, soft-assert empty result)
+ *   - `info`    — informational signal (`session_expired`)
+ *
+ * Wire this into integration points (e.g. the RTK Query error middleware)
+ * so individual call sites don't have to think about severity unless they
+ * want to override the default.
+ */
+declare function getDefaultSeverity(reason?: Reason): Severity;
+export { InitLoggerConfig, LogContext, LogErrorOptions, Reason, Severity, getDefaultSeverity, getLogContext, initLogger, installGlobalHandlers, logError, setLogContext, withLogContext };