@handled-ai/design-system 0.18.58 → 0.19.0-rc.1

package/dist/internal/safe-html.js

@@ -0,0 +1,222 @@
+const DANGEROUS_BLOCK_TAGS = /* @__PURE__ */ new Set([
+  "script",
+  "style",
+  "iframe",
+  "object",
+  "embed",
+  "svg",
+  "math",
+  "template",
+  "noscript",
+  "textarea",
+  "select"
+]);
+const ALLOWED_TAGS = /* @__PURE__ */ new Set([
+  "a",
+  "b",
+  "blockquote",
+  "br",
+  "code",
+  "del",
+  "div",
+  "em",
+  "hr",
+  "i",
+  "img",
+  "li",
+  "ol",
+  "p",
+  "pre",
+  "s",
+  "span",
+  "strong",
+  "table",
+  "tbody",
+  "td",
+  "th",
+  "thead",
+  "tr",
+  "u",
+  "ul"
+]);
+const VOID_TAGS = /* @__PURE__ */ new Set(["br", "hr", "img"]);
+const SAFE_GLOBAL_ATTRS = /* @__PURE__ */ new Set(["aria-label", "role", "title"]);
+const SAFE_URL_PROTOCOLS = /* @__PURE__ */ new Set(["http:", "https:", "mailto:", "tel:"]);
+function escapeHtml(value) {
+  return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
+}
+function escapeAttribute(value) {
+  return escapeHtml(value).replace(/"/g, "&quot;");
+}
+function safeCodePoint(value) {
+  return Number.isInteger(value) && value >= 0 && value <= 1114111 ? String.fromCodePoint(value) : "";
+}
+function decodeHtmlEntities(value) {
+  const namedEntities = {
+    amp: "&",
+    apos: "'",
+    colon: ":",
+    gt: ">",
+    lt: "<",
+    newline: "\n",
+    quot: '"',
+    tab: "	"
+  };
+  let decoded = value;
+  for (let i = 0; i < 4; i += 1) {
+    const next = decoded.replace(/&#x([0-9a-f]+);?/gi, (_match, hex) => {
+      const codePoint = Number.parseInt(hex, 16);
+      return safeCodePoint(codePoint);
+    }).replace(/&#(\d+);?/g, (_match, decimal) => {
+      const codePoint = Number.parseInt(decimal, 10);
+      return safeCodePoint(codePoint);
+    }).replace(/&([a-z]+);/gi, (match, name) => {
+      var _a;
+      return (_a = namedEntities[name.toLowerCase()]) != null ? _a : match;
+    });
+    if (next === decoded) return decoded;
+    decoded = next;
+  }
+  return decoded;
+}
+function isSafeUrl(value) {
+  const decoded = decodeHtmlEntities(value).replace(/[\u0000-\u001f\u007f\s]+/g, "").trim();
+  if (!decoded) return false;
+  if (decoded.startsWith("//")) return false;
+  if (decoded.startsWith("#") || decoded.startsWith("/") || decoded.startsWith("./") || decoded.startsWith("../")) {
+    return true;
+  }
+  try {
+    return SAFE_URL_PROTOCOLS.has(new URL(decoded, "https://handled.local").protocol);
+  } catch (e) {
+    return false;
+  }
+}
+function sanitizeClassName(value) {
+  const safeTokens = value.split(/\s+/).map((token) => token.trim()).filter((token) => /^[A-Za-z0-9_-]+$/.test(token));
+  return safeTokens.length ? safeTokens.join(" ") : null;
+}
+function sanitizeAttribute(tagName, name, value) {
+  const attr = name.toLowerCase();
+  if (attr.startsWith("on") || attr === "style" || attr === "srcdoc" || attr === "formaction" || attr === "xlink:href" || attr === "xmlns") {
+    return null;
+  }
+  if (attr === "class") {
+    const safeClassName = sanitizeClassName(value);
+    return safeClassName ? `class="${escapeAttribute(safeClassName)}"` : null;
+  }
+  if (SAFE_GLOBAL_ATTRS.has(attr) || attr.startsWith("aria-")) {
+    return `${attr}="${escapeAttribute(value)}"`;
+  }
+  if (tagName === "a" && attr === "href" && isSafeUrl(value)) {
+    return `href="${escapeAttribute(value)}"`;
+  }
+  if (tagName === "img" && attr === "src" && isSafeUrl(value)) {
+    return `src="${escapeAttribute(value)}"`;
+  }
+  if (tagName === "img" && (attr === "alt" || attr === "width" || attr === "height")) {
+    return `${attr}="${escapeAttribute(value)}"`;
+  }
+  if ((tagName === "td" || tagName === "th") && (attr === "colspan" || attr === "rowspan")) {
+    return `${attr}="${escapeAttribute(value)}"`;
+  }
+  return null;
+}
+function sanitizeAttributes(tagName, rawAttributes = "") {
+  var _a, _b;
+  const attributes = [];
+  const attrPattern = /([A-Za-z_:][-A-Za-z0-9_:.]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'=<>`]+)))?/g;
+  let match;
+  while ((match = attrPattern.exec(rawAttributes)) !== null) {
+    const [, name, doubleQuotedValue, singleQuotedValue, unquotedValue] = match;
+    const value = (_b = (_a = doubleQuotedValue != null ? doubleQuotedValue : singleQuotedValue) != null ? _a : unquotedValue) != null ? _b : "";
+    const safeAttribute = sanitizeAttribute(tagName, name, value);
+    if (safeAttribute) attributes.push(safeAttribute);
+  }
+  if (tagName === "a" && attributes.some((attr) => attr.startsWith("href="))) {
+    attributes.push('target="_blank"', 'rel="noopener noreferrer"');
+  }
+  return attributes.length ? ` ${attributes.join(" ")}` : "";
+}
+function findTagEnd(html, startIndex) {
+  let quote = null;
+  for (let i = startIndex + 1; i < html.length; i += 1) {
+    const char = html[i];
+    if (quote) {
+      if (char === quote) quote = null;
+      continue;
+    }
+    if (char === '"' || char === "'") {
+      quote = char;
+      continue;
+    }
+    if (char === ">") return i;
+  }
+  return -1;
+}
+function parseTag(rawTag) {
+  var _a;
+  const match = rawTag.match(/^<\s*(\/)?\s*([A-Za-z][A-Za-z0-9:-]*)\b([\s\S]*?)\/?>$/);
+  if (!match) return null;
+  return {
+    closing: !!match[1],
+    name: match[2].toLowerCase(),
+    attributes: (_a = match[3]) != null ? _a : ""
+  };
+}
+function findDangerousClose(html, tagName, fromIndex) {
+  const closePattern = new RegExp(`</\\s*${tagName}\\s*>`, "ig");
+  closePattern.lastIndex = fromIndex;
+  const match = closePattern.exec(html);
+  return match ? closePattern.lastIndex : -1;
+}
+function sanitizeHtml(html) {
+  let output = "";
+  let cursor = 0;
+  while (cursor < html.length) {
+    const tagStart = html.indexOf("<", cursor);
+    if (tagStart === -1) {
+      output += html.slice(cursor);
+      break;
+    }
+    output += html.slice(cursor, tagStart);
+    if (html.startsWith("<!--", tagStart)) {
+      const commentEnd = html.indexOf("-->", tagStart + 4);
+      cursor = commentEnd === -1 ? html.length : commentEnd + 3;
+      continue;
+    }
+    const tagEnd = findTagEnd(html, tagStart);
+    if (tagEnd === -1) {
+      output += escapeHtml(html.slice(tagStart));
+      break;
+    }
+    const rawTag = html.slice(tagStart, tagEnd + 1);
+    const parsed = parseTag(rawTag);
+    if (!parsed) {
+      cursor = tagEnd + 1;
+      continue;
+    }
+    if (DANGEROUS_BLOCK_TAGS.has(parsed.name)) {
+      const closeEnd = parsed.closing ? -1 : findDangerousClose(html, parsed.name, tagEnd + 1);
+      cursor = closeEnd === -1 ? tagEnd + 1 : closeEnd;
+      continue;
+    }
+    if (ALLOWED_TAGS.has(parsed.name)) {
+      if (parsed.closing) {
+        if (!VOID_TAGS.has(parsed.name)) output += `</${parsed.name}>`;
+      } else {
+        output += `<${parsed.name}${sanitizeAttributes(parsed.name, parsed.attributes)}>`;
+      }
+    }
+    cursor = tagEnd + 1;
+  }
+  return output;
+}
+function htmlToTextSnippet(html, maxLength = 140) {
+  return sanitizeHtml(html).replace(/<[^>]+>/g, " ").replace(/\s+/g, " ").trim().slice(0, maxLength);
+}
+export {
+  htmlToTextSnippet,
+  sanitizeHtml
+};
+//# sourceMappingURL=safe-html.js.map

package/dist/internal/safe-html.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/internal/safe-html.ts"],"sourcesContent":["const DANGEROUS_BLOCK_TAGS = new Set([\n  \"script\",\n  \"style\",\n  \"iframe\",\n  \"object\",\n  \"embed\",\n  \"svg\",\n  \"math\",\n  \"template\",\n  \"noscript\",\n  \"textarea\",\n  \"select\",\n])\n\nconst ALLOWED_TAGS = new Set([\n  \"a\",\n  \"b\",\n  \"blockquote\",\n  \"br\",\n  \"code\",\n  \"del\",\n  \"div\",\n  \"em\",\n  \"hr\",\n  \"i\",\n  \"img\",\n  \"li\",\n  \"ol\",\n  \"p\",\n  \"pre\",\n  \"s\",\n  \"span\",\n  \"strong\",\n  \"table\",\n  \"tbody\",\n  \"td\",\n  \"th\",\n  \"thead\",\n  \"tr\",\n  \"u\",\n  \"ul\",\n])\n\nconst VOID_TAGS = new Set([\"br\", \"hr\", \"img\"])\nconst SAFE_GLOBAL_ATTRS = new Set([\"aria-label\", \"role\", \"title\"])\nconst SAFE_URL_PROTOCOLS = new Set([\"http:\", \"https:\", \"mailto:\", \"tel:\"])\n\nfunction escapeHtml(value: string): string {\n  return value\n    .replace(/&/g, \"&amp;\")\n    .replace(/</g, \"&lt;\")\n    .replace(/>/g, \"&gt;\")\n}\n\nfunction escapeAttribute(value: string): string {\n  return escapeHtml(value).replace(/\"/g, \"&quot;\")\n}\n\nfunction safeCodePoint(value: number): string {\n  return Number.isInteger(value) && value >= 0 && value <= 0x10ffff ? String.fromCodePoint(value) : \"\"\n}\n\nfunction decodeHtmlEntities(value: string): string {\n  const namedEntities: Record<string, string> = {\n    amp: \"&\",\n    apos: \"'\",\n    colon: \":\",\n    gt: \">\",\n    lt: \"<\",\n    newline: \"\\n\",\n    quot: '\"',\n    tab: \"\\t\",\n  }\n\n  let decoded = value\n  for (let i = 0; i < 4; i += 1) {\n    const next = decoded\n      .replace(/&#x([0-9a-f]+);?/gi, (_match, hex: string) => {\n        const codePoint = Number.parseInt(hex, 16)\n        return safeCodePoint(codePoint)\n      })\n      .replace(/&#(\\d+);?/g, (_match, decimal: string) => {\n        const codePoint = Number.parseInt(decimal, 10)\n        return safeCodePoint(codePoint)\n      })\n      .replace(/&([a-z]+);/gi, (match, name: string) => namedEntities[name.toLowerCase()] ?? match)\n\n    if (next === decoded) return decoded\n    decoded = next\n  }\n\n  return decoded\n}\n\nfunction isSafeUrl(value: string): boolean {\n  const decoded = decodeHtmlEntities(value).replace(/[\\u0000-\\u001f\\u007f\\s]+/g, \"\").trim()\n  if (!decoded) return false\n  if (decoded.startsWith(\"//\")) return false\n  if (decoded.startsWith(\"#\") || decoded.startsWith(\"/\") || decoded.startsWith(\"./\") || decoded.startsWith(\"../\")) {\n    return true\n  }\n\n  try {\n    return SAFE_URL_PROTOCOLS.has(new URL(decoded, \"https://handled.local\").protocol)\n  } catch {\n    return false\n  }\n}\n\nfunction sanitizeClassName(value: string): string | null {\n  const safeTokens = value\n    .split(/\\s+/)\n    .map((token) => token.trim())\n    .filter((token) => /^[A-Za-z0-9_-]+$/.test(token))\n\n  return safeTokens.length ? safeTokens.join(\" \") : null\n}\n\nfunction sanitizeAttribute(tagName: string, name: string, value: string): string | null {\n  const attr = name.toLowerCase()\n\n  if (\n    attr.startsWith(\"on\") ||\n    attr === \"style\" ||\n    attr === \"srcdoc\" ||\n    attr === \"formaction\" ||\n    attr === \"xlink:href\" ||\n    attr === \"xmlns\"\n  ) {\n    return null\n  }\n\n  if (attr === \"class\") {\n    const safeClassName = sanitizeClassName(value)\n    return safeClassName ? `class=\"${escapeAttribute(safeClassName)}\"` : null\n  }\n\n  if (SAFE_GLOBAL_ATTRS.has(attr) || attr.startsWith(\"aria-\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"a\" && attr === \"href\" && isSafeUrl(value)) {\n    return `href=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && attr === \"src\" && isSafeUrl(value)) {\n    return `src=\"${escapeAttribute(value)}\"`\n  }\n\n  if (tagName === \"img\" && (attr === \"alt\" || attr === \"width\" || attr === \"height\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  if ((tagName === \"td\" || tagName === \"th\") && (attr === \"colspan\" || attr === \"rowspan\")) {\n    return `${attr}=\"${escapeAttribute(value)}\"`\n  }\n\n  return null\n}\n\nfunction sanitizeAttributes(tagName: string, rawAttributes = \"\"): string {\n  const attributes: string[] = []\n  const attrPattern = /([A-Za-z_:][-A-Za-z0-9_:.]*)(?:\\s*=\\s*(?:\"([^\"]*)\"|'([^']*)'|([^\\s\"'=<>`]+)))?/g\n  let match: RegExpExecArray | null\n\n  while ((match = attrPattern.exec(rawAttributes)) !== null) {\n    const [, name, doubleQuotedValue, singleQuotedValue, unquotedValue] = match\n    const value = doubleQuotedValue ?? singleQuotedValue ?? unquotedValue ?? \"\"\n    const safeAttribute = sanitizeAttribute(tagName, name, value)\n    if (safeAttribute) attributes.push(safeAttribute)\n  }\n\n  if (tagName === \"a\" && attributes.some((attr) => attr.startsWith(\"href=\"))) {\n    attributes.push('target=\"_blank\"', 'rel=\"noopener noreferrer\"')\n  }\n\n  return attributes.length ? ` ${attributes.join(\" \")}` : \"\"\n}\n\nfunction findTagEnd(html: string, startIndex: number): number {\n  let quote: '\"' | \"'\" | null = null\n\n  for (let i = startIndex + 1; i < html.length; i += 1) {\n    const char = html[i]\n    if (quote) {\n      if (char === quote) quote = null\n      continue\n    }\n\n    if (char === '\"' || char === \"'\") {\n      quote = char\n      continue\n    }\n\n    if (char === \">\") return i\n  }\n\n  return -1\n}\n\nfunction parseTag(rawTag: string): { closing: boolean; name: string; attributes: string } | null {\n  const match = rawTag.match(/^<\\s*(\\/)?\\s*([A-Za-z][A-Za-z0-9:-]*)\\b([\\s\\S]*?)\\/?>$/)\n  if (!match) return null\n\n  return {\n    closing: !!match[1],\n    name: match[2].toLowerCase(),\n    attributes: match[3] ?? \"\",\n  }\n}\n\nfunction findDangerousClose(html: string, tagName: string, fromIndex: number): number {\n  const closePattern = new RegExp(`</\\\\s*${tagName}\\\\s*>`, \"ig\")\n  closePattern.lastIndex = fromIndex\n  const match = closePattern.exec(html)\n  return match ? closePattern.lastIndex : -1\n}\n\n/**\n * Conservative, deterministic sanitizer for user/email supplied HTML rendered by\n * design-system components. It keeps common email formatting tags while removing\n * executable tags, event handlers, inline styles, and unsafe URLs. This stays\n * dependency-free for the shared package and intentionally favors stripping\n * ambiguous email content over preserving every possible HTML feature.\n */\nexport function sanitizeHtml(html: string): string {\n  let output = \"\"\n  let cursor = 0\n\n  while (cursor < html.length) {\n    const tagStart = html.indexOf(\"<\", cursor)\n    if (tagStart === -1) {\n      output += html.slice(cursor)\n      break\n    }\n\n    output += html.slice(cursor, tagStart)\n\n    if (html.startsWith(\"<!--\", tagStart)) {\n      const commentEnd = html.indexOf(\"-->\", tagStart + 4)\n      cursor = commentEnd === -1 ? html.length : commentEnd + 3\n      continue\n    }\n\n    const tagEnd = findTagEnd(html, tagStart)\n    if (tagEnd === -1) {\n      output += escapeHtml(html.slice(tagStart))\n      break\n    }\n\n    const rawTag = html.slice(tagStart, tagEnd + 1)\n    const parsed = parseTag(rawTag)\n    if (!parsed) {\n      cursor = tagEnd + 1\n      continue\n    }\n\n    if (DANGEROUS_BLOCK_TAGS.has(parsed.name)) {\n      const closeEnd = parsed.closing ? -1 : findDangerousClose(html, parsed.name, tagEnd + 1)\n      cursor = closeEnd === -1 ? tagEnd + 1 : closeEnd\n      continue\n    }\n\n    if (ALLOWED_TAGS.has(parsed.name)) {\n      if (parsed.closing) {\n        if (!VOID_TAGS.has(parsed.name)) output += `</${parsed.name}>`\n      } else {\n        output += `<${parsed.name}${sanitizeAttributes(parsed.name, parsed.attributes)}>`\n      }\n    }\n\n    cursor = tagEnd + 1\n  }\n\n  return output\n}\n\nexport function htmlToTextSnippet(html: string, maxLength = 140): string {\n  return sanitizeHtml(html)\n    .replace(/<[^>]+>/g, \" \")\n    .replace(/\\s+/g, \" \")\n    .trim()\n    .slice(0, maxLength)\n}\n"],"mappings":"AAAA,MAAM,uBAAuB,oBAAI,IAAI;AAAA,EACnC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,MAAM,eAAe,oBAAI,IAAI;AAAA,EAC3B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAED,MAAM,YAAY,oBAAI,IAAI,CAAC,MAAM,MAAM,KAAK,CAAC;AAC7C,MAAM,oBAAoB,oBAAI,IAAI,CAAC,cAAc,QAAQ,OAAO,CAAC;AACjE,MAAM,qBAAqB,oBAAI,IAAI,CAAC,SAAS,UAAU,WAAW,MAAM,CAAC;AAEzE,SAAS,WAAW,OAAuB;AACzC,SAAO,MACJ,QAAQ,MAAM,OAAO,EACrB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM;AACzB;AAEA,SAAS,gBAAgB,OAAuB;AAC9C,SAAO,WAAW,KAAK,EAAE,QAAQ,MAAM,QAAQ;AACjD;AAEA,SAAS,cAAc,OAAuB;AAC5C,SAAO,OAAO,UAAU,KAAK,KAAK,SAAS,KAAK,SAAS,UAAW,OAAO,cAAc,KAAK,IAAI;AACpG;AAEA,SAAS,mBAAmB,OAAuB;AACjD,QAAM,gBAAwC;AAAA,IAC5C,KAAK;AAAA,IACL,MAAM;AAAA,IACN,OAAO;AAAA,IACP,IAAI;AAAA,IACJ,IAAI;AAAA,IACJ,SAAS;AAAA,IACT,MAAM;AAAA,IACN,KAAK;AAAA,EACP;AAEA,MAAI,UAAU;AACd,WAAS,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG;AAC7B,UAAM,OAAO,QACV,QAAQ,sBAAsB,CAAC,QAAQ,QAAgB;AACtD,YAAM,YAAY,OAAO,SAAS,KAAK,EAAE;AACzC,aAAO,cAAc,SAAS;AAAA,IAChC,CAAC,EACA,QAAQ,cAAc,CAAC,QAAQ,YAAoB;AAClD,YAAM,YAAY,OAAO,SAAS,SAAS,EAAE;AAC7C,aAAO,cAAc,SAAS;AAAA,IAChC,CAAC,EACA,QAAQ,gBAAgB,CAAC,OAAO,SAAc;AArFrD;AAqFwD,iCAAc,KAAK,YAAY,CAAC,MAAhC,YAAqC;AAAA,KAAK;AAE9F,QAAI,SAAS,QAAS,QAAO;AAC7B,cAAU;AAAA,EACZ;AAEA,SAAO;AACT;AAEA,SAAS,UAAU,OAAwB;AACzC,QAAM,UAAU,mBAAmB,KAAK,EAAE,QAAQ,6BAA6B,EAAE,EAAE,KAAK;AACxF,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,QAAQ,WAAW,IAAI,EAAG,QAAO;AACrC,MAAI,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,GAAG,KAAK,QAAQ,WAAW,IAAI,KAAK,QAAQ,WAAW,KAAK,GAAG;AAC/G,WAAO;AAAA,EACT;AAEA,MAAI;AACF,WAAO,mBAAmB,IAAI,IAAI,IAAI,SAAS,uBAAuB,EAAE,QAAQ;AAAA,EAClF,SAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,kBAAkB,OAA8B;AACvD,QAAM,aAAa,MAChB,MAAM,KAAK,EACX,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAC3B,OAAO,CAAC,UAAU,mBAAmB,KAAK,KAAK,CAAC;AAEnD,SAAO,WAAW,SAAS,WAAW,KAAK,GAAG,IAAI;AACpD;AAEA,SAAS,kBAAkB,SAAiB,MAAc,OAA8B;AACtF,QAAM,OAAO,KAAK,YAAY;AAE9B,MACE,KAAK,WAAW,IAAI,KACpB,SAAS,WACT,SAAS,YACT,SAAS,gBACT,SAAS,gBACT,SAAS,SACT;AACA,WAAO;AAAA,EACT;AAEA,MAAI,SAAS,SAAS;AACpB,UAAM,gBAAgB,kBAAkB,KAAK;AAC7C,WAAO,gBAAgB,UAAU,gBAAgB,aAAa,CAAC,MAAM;AAAA,EACvE;AAEA,MAAI,kBAAkB,IAAI,IAAI,KAAK,KAAK,WAAW,OAAO,GAAG;AAC3D,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,MAAI,YAAY,OAAO,SAAS,UAAU,UAAU,KAAK,GAAG;AAC1D,WAAO,SAAS,gBAAgB,KAAK,CAAC;AAAA,EACxC;AAEA,MAAI,YAAY,SAAS,SAAS,SAAS,UAAU,KAAK,GAAG;AAC3D,WAAO,QAAQ,gBAAgB,KAAK,CAAC;AAAA,EACvC;AAEA,MAAI,YAAY,UAAU,SAAS,SAAS,SAAS,WAAW,SAAS,WAAW;AAClF,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,OAAK,YAAY,QAAQ,YAAY,UAAU,SAAS,aAAa,SAAS,YAAY;AACxF,WAAO,GAAG,IAAI,KAAK,gBAAgB,KAAK,CAAC;AAAA,EAC3C;AAEA,SAAO;AACT;AAEA,SAAS,mBAAmB,SAAiB,gBAAgB,IAAY;AAhKzE;AAiKE,QAAM,aAAuB,CAAC;AAC9B,QAAM,cAAc;AACpB,MAAI;AAEJ,UAAQ,QAAQ,YAAY,KAAK,aAAa,OAAO,MAAM;AACzD,UAAM,CAAC,EAAE,MAAM,mBAAmB,mBAAmB,aAAa,IAAI;AACtE,UAAM,SAAQ,2DAAqB,sBAArB,YAA0C,kBAA1C,YAA2D;AACzE,UAAM,gBAAgB,kBAAkB,SAAS,MAAM,KAAK;AAC5D,QAAI,cAAe,YAAW,KAAK,aAAa;AAAA,EAClD;AAEA,MAAI,YAAY,OAAO,WAAW,KAAK,CAAC,SAAS,KAAK,WAAW,OAAO,CAAC,GAAG;AAC1E,eAAW,KAAK,mBAAmB,2BAA2B;AAAA,EAChE;AAEA,SAAO,WAAW,SAAS,IAAI,WAAW,KAAK,GAAG,CAAC,KAAK;AAC1D;AAEA,SAAS,WAAW,MAAc,YAA4B;AAC5D,MAAI,QAA0B;AAE9B,WAAS,IAAI,aAAa,GAAG,IAAI,KAAK,QAAQ,KAAK,GAAG;AACpD,UAAM,OAAO,KAAK,CAAC;AACnB,QAAI,OAAO;AACT,UAAI,SAAS,MAAO,SAAQ;AAC5B;AAAA,IACF;AAEA,QAAI,SAAS,OAAO,SAAS,KAAK;AAChC,cAAQ;AACR;AAAA,IACF;AAEA,QAAI,SAAS,IAAK,QAAO;AAAA,EAC3B;AAEA,SAAO;AACT;AAEA,SAAS,SAAS,QAA+E;AAxMjG;AAyME,QAAM,QAAQ,OAAO,MAAM,wDAAwD;AACnF,MAAI,CAAC,MAAO,QAAO;AAEnB,SAAO;AAAA,IACL,SAAS,CAAC,CAAC,MAAM,CAAC;AAAA,IAClB,MAAM,MAAM,CAAC,EAAE,YAAY;AAAA,IAC3B,aAAY,WAAM,CAAC,MAAP,YAAY;AAAA,EAC1B;AACF;AAEA,SAAS,mBAAmB,MAAc,SAAiB,WAA2B;AACpF,QAAM,eAAe,IAAI,OAAO,SAAS,OAAO,SAAS,IAAI;AAC7D,eAAa,YAAY;AACzB,QAAM,QAAQ,aAAa,KAAK,IAAI;AACpC,SAAO,QAAQ,aAAa,YAAY;AAC1C;AASO,SAAS,aAAa,MAAsB;AACjD,MAAI,SAAS;AACb,MAAI,SAAS;AAEb,SAAO,SAAS,KAAK,QAAQ;AAC3B,UAAM,WAAW,KAAK,QAAQ,KAAK,MAAM;AACzC,QAAI,aAAa,IAAI;AACnB,gBAAU,KAAK,MAAM,MAAM;AAC3B;AAAA,IACF;AAEA,cAAU,KAAK,MAAM,QAAQ,QAAQ;AAErC,QAAI,KAAK,WAAW,QAAQ,QAAQ,GAAG;AACrC,YAAM,aAAa,KAAK,QAAQ,OAAO,WAAW,CAAC;AACnD,eAAS,eAAe,KAAK,KAAK,SAAS,aAAa;AACxD;AAAA,IACF;AAEA,UAAM,SAAS,WAAW,MAAM,QAAQ;AACxC,QAAI,WAAW,IAAI;AACjB,gBAAU,WAAW,KAAK,MAAM,QAAQ,CAAC;AACzC;AAAA,IACF;AAEA,UAAM,SAAS,KAAK,MAAM,UAAU,SAAS,CAAC;AAC9C,UAAM,SAAS,SAAS,MAAM;AAC9B,QAAI,CAAC,QAAQ;AACX,eAAS,SAAS;AAClB;AAAA,IACF;AAEA,QAAI,qBAAqB,IAAI,OAAO,IAAI,GAAG;AACzC,YAAM,WAAW,OAAO,UAAU,KAAK,mBAAmB,MAAM,OAAO,MAAM,SAAS,CAAC;AACvF,eAAS,aAAa,KAAK,SAAS,IAAI;AACxC;AAAA,IACF;AAEA,QAAI,aAAa,IAAI,OAAO,IAAI,GAAG;AACjC,UAAI,OAAO,SAAS;AAClB,YAAI,CAAC,UAAU,IAAI,OAAO,IAAI,EAAG,WAAU,KAAK,OAAO,IAAI;AAAA,MAC7D,OAAO;AACL,kBAAU,IAAI,OAAO,IAAI,GAAG,mBAAmB,OAAO,MAAM,OAAO,UAAU,CAAC;AAAA,MAChF;AAAA,IACF;AAEA,aAAS,SAAS;AAAA,EACpB;AAEA,SAAO;AACT;AAEO,SAAS,kBAAkB,MAAc,YAAY,KAAa;AACvE,SAAO,aAAa,IAAI,EACrB,QAAQ,YAAY,GAAG,EACvB,QAAQ,QAAQ,GAAG,EACnB,KAAK,EACL,MAAM,GAAG,SAAS;AACvB;","names":[]}

package/dist/prototype/index.d.ts

@@ -1,4 +1,4 @@
-export { A as AccountFilterTab, a as AccountsViewConfig, b as AdminTab, c as AdminViewConfig, B as BriefStyleVariant, E as EntityPanelConfig, d as EntityPanelSection, I as InboxDetailSections, e as InboxSortOption, f as InboxViewConfig, g as InsightsCustomTab, h as InsightsViewConfig, i as PrototypeBrandConfig, j as PrototypeConfig, Q as QueueItem, l as SignalScoreData, m as SignalScoreExplanationBucket, n as SignalScoreExplanationSignal, o as SignalScoreUrgencyLabel, T as TimelineSystemEventsConfig, W as WorkQueueViewConfig } from '../signal-priority-popover-QJngMAj7.js';
+export { A as AccountFilterTab, a as AccountsViewConfig, b as AdminTab, c as AdminViewConfig, B as BriefStyleVariant, E as EntityPanelConfig, d as EntityPanelSection, I as InboxDetailSections, e as InboxSortOption, f as InboxViewConfig, g as InsightsCustomTab, h as InsightsViewConfig, i as PrototypeBrandConfig, j as PrototypeConfig, Q as QueueItem, m as SignalScoreData, n as SignalScoreExplanationBucket, o as SignalScoreExplanationSignal, p as SignalScoreUrgencyLabel, T as TimelineSystemEventsConfig, W as WorkQueueViewConfig } from '../signal-priority-popover-CZitE9xq.js';
 export { PrototypeShell, PrototypeShellProps } from './prototype-shell.js';
 export { DetailView, DetailViewProps, PrototypeInboxView, PrototypeInboxViewProps } from './prototype-inbox-view.js';
 export { PrototypeInsightsView, PrototypeInsightsViewProps } from './prototype-insights-view.js';

package/dist/prototype/prototype-accounts-view.d.ts

@@ -1,5 +1,5 @@
 import * as React from 'react';
-import { a as AccountsViewConfig } from '../signal-priority-popover-QJngMAj7.js';
+import { a as AccountsViewConfig } from '../signal-priority-popover-CZitE9xq.js';
 import { DataRow } from '../components/data-table.js';
 import '../components/feedback-primitives.js';
 import '../components/quick-action-sidebar-nav.js';

package/dist/prototype/prototype-admin-view.d.ts

@@ -1,5 +1,5 @@
 import * as React from 'react';
-import { c as AdminViewConfig } from '../signal-priority-popover-QJngMAj7.js';
+import { c as AdminViewConfig } from '../signal-priority-popover-CZitE9xq.js';
 import '../components/feedback-primitives.js';
 import '../components/quick-action-sidebar-nav.js';
 import '../components/quick-action-modal.js';

package/dist/prototype/prototype-config.d.ts

@@ -11,7 +11,7 @@ import '../charts/pipeline-overview.js';
 import '../components/timeline-activity.js';
 import '../components/signal-feedback-inline.js';
 import 'lucide-react';
-export { A as AccountFilterTab, a as AccountsViewConfig, b as AdminTab, c as AdminViewConfig, B as BriefStyleVariant, E as EntityPanelConfig, d as EntityPanelSection, I as InboxDetailSections, e as InboxSortOption, f as InboxViewConfig, g as InsightsCustomTab, h as InsightsViewConfig, i as PrototypeBrandConfig, j as PrototypeConfig, Q as QueueItem, l as SignalScoreData, m as SignalScoreExplanationBucket, n as SignalScoreExplanationSignal, o as SignalScoreUrgencyLabel, T as TimelineSystemEventsConfig, W as WorkQueueViewConfig } from '../signal-priority-popover-QJngMAj7.js';
+export { A as AccountFilterTab, a as AccountsViewConfig, b as AdminTab, c as AdminViewConfig, B as BriefStyleVariant, E as EntityPanelConfig, d as EntityPanelSection, I as InboxDetailSections, e as InboxSortOption, f as InboxViewConfig, g as InsightsCustomTab, h as InsightsViewConfig, i as PrototypeBrandConfig, j as PrototypeConfig, Q as QueueItem, m as SignalScoreData, n as SignalScoreExplanationBucket, o as SignalScoreExplanationSignal, p as SignalScoreUrgencyLabel, T as TimelineSystemEventsConfig, W as WorkQueueViewConfig } from '../signal-priority-popover-CZitE9xq.js';
 import '../components/feedback-primitives.js';
 import '../components/quick-action-modal.js';
 import '../components/score-semantics.js';

package/dist/prototype/prototype-inbox-view.d.ts

@@ -3,7 +3,7 @@ import { OpportunityDraft, ApprovalState, OpportunityPreview } from '../componen
 import { SourceDef } from '../components/detail-view.js';
 import { SuggestedAction, SuggestedContact } from '../components/suggested-actions.js';
 import { TimelineEvent } from '../components/timeline-activity.js';
-import { Q as QueueItem, I as InboxDetailSections, l as SignalScoreData, f as InboxViewConfig, B as BriefStyleVariant, T as TimelineSystemEventsConfig } from '../signal-priority-popover-QJngMAj7.js';
+import { Q as QueueItem, I as InboxDetailSections, m as SignalScoreData, f as InboxViewConfig, B as BriefStyleVariant, T as TimelineSystemEventsConfig } from '../signal-priority-popover-CZitE9xq.js';
 import '../components/feedback-primitives.js';
 import '../components/quick-action-sidebar-nav.js';
 import '../components/quick-action-modal.js';

package/dist/prototype/prototype-inbox-view.js

@@ -362,6 +362,8 @@ function DetailView({
                 score: signalData.score,
                 urgencyLabel: signalData.urgencyLabel,
                 urgencyExplanation: (_b = signalData.urgencyExplanation) != null ? _b : signalData.signalBrief,
+                scoreDisplay: signalData.priorityScoreDisplay,
+                formulaLabel: signalData.priorityFormulaLabel,
                 factors: (_c = signalData.priorityFactors) != null ? _c : [],
                 metaText: void 0,
                 feedbackChips: signalData.priorityFeedbackChips,